4e23d73129
We have to use acls here because the mock chroot has it's own user/group files and it dynamically adds users, but if we use acls it will look up the user and do the right thing because the name is the same. (Hopefully) Signed-off-by: Kevin Fenzi <kevin@scrye.com>
50 lines
1.2 KiB
YAML
50 lines
1.2 KiB
YAML
---
|
|
- name: add pkgs for bkernel boxes
|
|
package:
|
|
state: present
|
|
name:
|
|
- pesign
|
|
- ccid
|
|
- pcsc-lite
|
|
- pcsc-lite-libs
|
|
- opensc
|
|
- nss-tools
|
|
tags:
|
|
- bkernel
|
|
|
|
- name: enable pcscd
|
|
service: name=pcscd state=started enabled=true
|
|
tags:
|
|
- bkernel
|
|
|
|
- name: setup opensc in pcscd
|
|
shell: modutil -dbdir /etc/pki/pesign -list | grep -q Fedora || modutil -force -dbdir /etc/pki/pesign -add opensc -libfile /usr/lib64/pkcs11/opensc-pkcs11.so
|
|
check_mode: no
|
|
changed_when: "1 != 1"
|
|
tags:
|
|
- bkernel
|
|
|
|
- name: setup pesign users config
|
|
copy: src=pesign-users dest=/etc/pesign/users mode=0600 owner=root group=root
|
|
tags:
|
|
- bkernel
|
|
|
|
- name: enable pesign
|
|
service: name=pesign state=started enabled=true
|
|
tags:
|
|
- bkernel
|
|
|
|
- name: /var/run/pesign directory perms
|
|
acl: path=/var/run/pesign default=true entity=kojibuilder etype=group permissions=rwx recursive=true state=present
|
|
tags:
|
|
- bkernel
|
|
|
|
- name: when you awake you will remember nothing
|
|
copy: src=history_off.sh dest=/etc/profile.d/history_off.sh mode=0644
|
|
tags:
|
|
- bkernel
|
|
|
|
- name: mock site-defaults.cfg
|
|
copy: src=bkernel-site-defaults.cfg dest=/etc/mock/site-defaults.cfg mode=0644 owner=root group=mock
|
|
tags:
|
|
- bkernel
|