ceph
/
ceph-ansible
mirror of https://github.com/ceph/ceph-ansible.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ceph-ansible/roles/ceph-mon/tasks
History
Benoît Knecht 0d76826bbb ceph-mon: Don't set monitor directory mode recursively 
After rolling updates performed with
`infrastructure-playbooks/rolling_updates.yml`, files located in
`/var/lib/ceph/mon/{{ cluster }}-{{ monitor_name }}` had mode 0755 (including
the keyring), making them world-readable.

This commit separates the task that configured permissions recursively on
`/var/lib/ceph/mon/{{ cluster }}-{{ monitor_name }}` into two separate tasks:

1. Set the ownership and mode of the directory itself;
2. Recursively set ownership in the directory, but don't modify the mode.

Signed-off-by: Benoît Knecht <bknecht@protonmail.ch>
 		2020-11-02 17:36:37 +01:00
..
ceph_keys.yml Fix Ansible check mode for site.yml.sample playbook 2020-10-07 00:29:44 +02:00
deploy_monitors.yml ceph-mon: Don't set monitor directory mode recursively 2020-11-02 17:36:37 +01:00
main.yml ceph-handler: set handler on xxx_stat result 2020-09-29 07:32:10 +02:00
secure_cluster.yml rename docker_exec_cmd variable 2019-05-16 16:39:13 +02:00
start_monitor.yml add missing boolean filter 2020-09-28 20:45:01 +02:00
systemd.yml container: isolate systemd tasks 2019-10-01 10:27:51 -04:00