openqa: make openQA and FAS credentials root.fedmsg 0640
with openQA jobs being scheduled and wiki results reported (well, when we get that working again) by fedmsg-hub consumers, we have to let the fedmsg user read these files.
This commit is contained in:
Adam Williamson
parent
2572860b30
commit
73da02a655
2 changed files with 10 additions and 7 deletions
|
|
@ -77,23 +77,23 @@
|
|||
when: "gittools|changed or not insttools.stat.exists"
|
||||
|
||||
- name: openQA client config
|
||||
template: src=client.conf.j2 dest=/etc/openqa/client.conf mode=0600
|
||||
template: src=client.conf.j2 dest=/etc/openqa/client.conf owner=root group=fedmsg mode=0640
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: Create fedora-openqa-schedule config directory
|
||||
file: path=/etc/fedora-qa state=directory owner=root group=root mode=0700
|
||||
file: path=/etc/fedora-qa state=directory owner=root group=root mode=0755
|
||||
|
||||
- name: Write schedule.conf
|
||||
template: src=schedule.conf.j2 dest=/etc/fedora-qa/schedule.conf owner=root group=root mode=0600
|
||||
template: src=schedule.conf.j2 dest=/etc/fedora-qa/schedule.conf owner=root group=root mode=0644
|
||||
tags:
|
||||
- config
|
||||
|
||||
- name: Create /root/.fedora (credentials files location)
|
||||
file: path=/root/.fedora state=directory owner=root group=root mode=0700
|
||||
- name: Create /etc/fedora (credentials files location)
|
||||
file: path=/etc/fedora state=directory owner=root group=fedmsg mode=0750
|
||||
|
||||
- name: Write wikitcms credentials file
|
||||
template: src=credentials.j2 dest=/root/.fedora/credentials owner=root group=root mode=0600
|
||||
template: src=credentials.j2 dest=/etc/fedora/credentials owner=root group=fedmsg mode=0640
|
||||
when: "wikitcms_user is defined and wikitcms_password is defined"
|
||||
tags:
|
||||
- config
|
||||
|
|
|
|||
|
|
@ -153,8 +153,11 @@
|
|||
pause: seconds=5
|
||||
when: "services is defined and services|changed"
|
||||
|
||||
# the 'dispatcher' role requires this to be root.fedmsg 0640. so we
|
||||
# don't enforce ownership here and set mode to 0640 so we don't wind
|
||||
# up ping-ponging it between server and dispatcher roles.
|
||||
- name: openQA client config
|
||||
template: src=client.conf.j2 dest=/etc/openqa/client.conf mode=0600
|
||||
template: src=client.conf.j2 dest=/etc/openqa/client.conf mode=0640
|
||||
tags:
|
||||
- config
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue