Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/roles/bkernel/tasks/main.yml
Kevin Fenzi b08a95a1d6 bkernel: we can't use the kojibuilder group because it uses mock group in the chroot 
So, instead we need to user the kojibuilder user on the acl. That should
match up to the mockbuild user in the chroot.
Hopefully.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2023-02-01 12:15:30 -08:00

65 lines
1.7 KiB
YAML
Raw Blame History

---
- name: add pkgs for bkernel boxes
package:
state: present
name:
- pesign
- ccid
- pcsc-lite
- pcsc-lite-libs
- opensc
- nss-tools
tags:
- bkernel
- name: enable pcscd
service: name=pcscd state=started enabled=true
tags:
- bkernel
- name: setup opensc in pcscd
shell: modutil -dbdir /etc/pki/pesign -list | grep -q Fedora || modutil -force -dbdir /etc/pki/pesign -add opensc -libfile /usr/lib64/pkcs11/opensc-pkcs11.so
check_mode: no
changed_when: "1 != 1"
tags:
- bkernel
- name: setup pesign users config
copy: src=pesign-users dest=/etc/pesign/users mode=0600 owner=root group=root
tags:
- bkernel
- name: enable pesign
service: name=pesign state=started enabled=true
tags:
- bkernel
- name: /var/run/pesign directory perms (kojibuilder)
acl: path=/var/run/pesign entity=kojibuilder etype=user permissions=rwx recursive=true state=present
tags:
- bkernel
- name: /var/run/pesign directory perms (pesign)
acl: path=/var/run/pesign default=true entity=pesign etype=group permissions=rwx recursive=true state=present
tags:
- bkernel
- name: /var/run/pesign socket perms (kojibuilder)
acl: path=/var/run/pesign/socket entity=kojibuilder etype=user permissions=rwx recursive=true state=present
tags:
- bkernel
- name: /var/run/pesign socket perms (pesign)
acl: path=/var/run/pesign/socket default=true entity=pesign etype=group permissions=rwx recursive=true state=present
tags:
- bkernel
- name: when you awake you will remember nothing
copy: src=history_off.sh dest=/etc/profile.d/history_off.sh mode=0644
tags:
- bkernel
- name: mock site-defaults.cfg
copy: src=bkernel-site-defaults.cfg dest=/etc/mock/site-defaults.cfg mode=0644 owner=root group=mock
tags:
- bkernel
Reference in a new issue View git blame Copy permalink