From 086d297f508891775c1dddeddf911f8fa6fd316e Mon Sep 17 00:00:00 2001
From: Valentin Gologuzov <vgologuz@redhat.com>
Date: Tue, 3 Feb 2015 11:10:34 +0100
Subject: [PATCH] [copr] backend: set acl for nrpe to read
 /etc/copr/copr-be.conf

---
 roles/copr/backend/tasks/monitoring.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/copr/backend/tasks/monitoring.yml b/roles/copr/backend/tasks/monitoring.yml
index dd37fc282d..938b7e7b9b 100644
--- a/roles/copr/backend/tasks/monitoring.yml
+++ b/roles/copr/backend/tasks/monitoring.yml
@@ -5,6 +5,12 @@
   tags:
   - nagios_client
 
+- name: set acl for nrpe on /etc/copr
+  acl: name=/etc/copr entity=nrpe etype=user permissions=rx state=present
+
+- name: set acl for nrpe on /etc/copr/copr-be.conf
+  acl: name=/etc/copr/copr-be.conf entity=nrpe etype=user permissions=r state=present
+
 # Three tasks for handling our custom selinux module
 - name: ensure a directory exists for our custom selinux module
   file: dest=/usr/local/share/copr state=directory