From 2d8c1e06e86a45cff145fde21a3ce91df2ae35f7 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Thu, 21 May 2015 09:16:15 +0000
Subject: [PATCH] Replace chown with file and set current acl

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/pagure/frontend/tasks/main.yml | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/roles/pagure/frontend/tasks/main.yml b/roles/pagure/frontend/tasks/main.yml
index 599c2026a1..5ecb3da87a 100644
--- a/roles/pagure/frontend/tasks/main.yml
+++ b/roles/pagure/frontend/tasks/main.yml
@@ -70,13 +70,13 @@
   - pagure
 
 - name: Adjust owner of /srv/git
-  command: chown git:git -R /srv/git/
+  file: name=/srv/git state=directory recurse=yes owner=git group=git
   tags:
   - gitolite
   - pagure
 
 - name: Adjust permissions of /srv/git/.gitolite
-  command: chown git:git -R /srv/git/.gitolite
+  file: name=/srv/git/.gitolite state=directory recurse=yes owner=git group=git
   tags:
   - gitolite
   - pagure
@@ -217,12 +217,18 @@
   tags:
   - pagure
 
-- name: Manually fix current ACLs since Ansible doesnt know recursive acls
+- name: Manually fix current default ACLs since Ansible doesnt know recursive acls
   when: acl_updates.changed
   command: /usr/bin/setfacl -Rdm user:apache:rx /srv/git
   tags:
   - pagure
 
+- name: Manually fix current ACLs since Ansible doesnt know recursive acls
+  when: acl_updates.changed
+  command: /usr/bin/setfacl -Rm user:apache:rx /srv/git
+  tags:
+  - pagure
+
 - name: set sebooleans so pagure can talk to the db
   action: seboolean name=httpd_can_network_connect_db
                     state=true