diff options
| author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-05 00:09:09 -0500 |
|---|---|---|
| committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-05 00:09:09 -0500 |
| commit | 826fb015570ac7f26f350bfff00f49afd4ab67b8 (patch) | |
| tree | 1fb19e9b91f3e77e41ae476e19970e4d622449b5 /playbooks | |
| parent | 74f84ed897950289a99f0c11a35220a55590a9a0 (diff) | |
| download | selfhosted-826fb015570ac7f26f350bfff00f49afd4ab67b8.tar.gz selfhosted-826fb015570ac7f26f350bfff00f49afd4ab67b8.zip | |
fix permissions error in archive-freeipa script
The mv command attempts to preserve the original file's permissions,
which thwarts the default ACL we have in place for the archive spool
directory.
Switch to a more convoluted cp/chmod.
Diffstat (limited to 'playbooks')
| -rw-r--r-- | playbooks/freeipa.yml | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/playbooks/freeipa.yml b/playbooks/freeipa.yml index b8ecc85..ede053b 100644 --- a/playbooks/freeipa.yml +++ b/playbooks/freeipa.yml @@ -12,8 +12,11 @@ archive_on_calendar: 'Sat *-*-* 02:00:00' archive_shell: >- ipa-backup && - mv -v /var/lib/ipa/backup/* . && + find {{ freeipa_backup_dir | quote }} -mindepth 1 -maxdepth 1 -type d + -exec cp --preserve=timestamps -vr {} . \; + -exec rm -vrf {} \; && find . -mindepth 1 -type d -exec chmod -v 770 {} + + tags: archive - name: configure freeipa replicas |