saibotk-de/infrastructure
saibotk-de/infrastructure
1
0
Fork 0
Code Issues Pull requests Releases 42 Activity

luks_ssh: Specify directory permissions

Browse source 
This patch reduces the permissions on the install directory to just the root user and also fixes the ansible-lint issue by specifying the `mode`.
This commit is contained in:
saibotk 2020-09-26 21:35:26 +02:00
parent 228dc7516e
commit 6782cb8191
No known key found for this signature in database
GPG key ID: A3299C587D5DF523
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
roles/luks_ssh/tasks/main.yml
View file

@ -22,6 +22,9 @@
file: file:
path: "{{ dracut_ssh_dir }}" path: "{{ dracut_ssh_dir }}"
state: directory state: directory
mode: '0755'
owner: 'root'
group: 'root'
become: true become: true
- name: Add SSH keys for grub2 - name: Add SSH keys for grub2
@ -41,6 +44,8 @@
src: "module-setup.sh" src: "module-setup.sh"
dest: "{{ dracut_ssh_dir }}/module-setup.sh" dest: "{{ dracut_ssh_dir }}/module-setup.sh"
mode: '0755' mode: '0755'
owner: 'root'
group: 'root'
become: true become: true
notify: Regenerate dracut notify: Regenerate dracut
@ -48,6 +53,9 @@
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ dracut_ssh_dir }}/{{ item }}" dest: "{{ dracut_ssh_dir }}/{{ item }}"
mode: '0644'
owner: 'root'
group: 'root'
become: true become: true
with_items: with_items:
- "sshd.service" - "sshd.service"
@ -57,6 +65,9 @@
template: template:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ dracut_ssh_dir }}/{{ item }}" dest: "{{ dracut_ssh_dir }}/{{ item }}"
mode: '0644'
owner: 'root'
group: 'root'
become: true become: true
with_items: with_items:
- "sshd_config" - "sshd_config"