diff options
author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-05 00:09:09 -0500 |
---|---|---|
committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-05 00:09:09 -0500 |
commit | 826fb015570ac7f26f350bfff00f49afd4ab67b8 (patch) | |
tree | 1fb19e9b91f3e77e41ae476e19970e4d622449b5 /playbooks/freeipa.yml | |
parent | 74f84ed897950289a99f0c11a35220a55590a9a0 (diff) | |
download | selfhosted-826fb015570ac7f26f350bfff00f49afd4ab67b8.tar.gz selfhosted-826fb015570ac7f26f350bfff00f49afd4ab67b8.zip |
fix permissions error in archive-freeipa script
The mv command attempts to preserve the original file's permissions,
which thwarts the default ACL we have in place for the archive spool
directory.
Switch to a more convoluted cp/chmod.
Diffstat (limited to 'playbooks/freeipa.yml')
-rw-r--r-- | playbooks/freeipa.yml | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/playbooks/freeipa.yml b/playbooks/freeipa.yml index b8ecc85..ede053b 100644 --- a/playbooks/freeipa.yml +++ b/playbooks/freeipa.yml @@ -12,8 +12,11 @@ archive_on_calendar: 'Sat *-*-* 02:00:00' archive_shell: >- ipa-backup && - mv -v /var/lib/ipa/backup/* . && + find {{ freeipa_backup_dir | quote }} -mindepth 1 -maxdepth 1 -type d + -exec cp --preserve=timestamps -vr {} . \; + -exec rm -vrf {} \; && find . -mindepth 1 -type d -exec chmod -v 770 {} + + tags: archive - name: configure freeipa replicas |