Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-84920

Directory .config/containers mode constantly changed

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • rhel-system-roles
    • 0
    • QE ack, Dev ack
    • False
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Red Hat Enterprise Linux
    • None
    • Bug Fix
    • Hide
      .The `podman` RHEL system role does not report `changed: true` when managing authentication and configuration files

      Before this update, the `podman` RHEL system role changed the parent path mode every time it ran if it managed both authentication and configuration files because it used two different modes for the common parent path for various configuration and authentication files.

      With this fix, the role does not report `changed: true` unnecessarily because it uses a consistent mode for the parent path.
      Show
      .The `podman` RHEL system role does not report `changed: true` when managing authentication and configuration files Before this update, the `podman` RHEL system role changed the parent path mode every time it ran if it managed both authentication and configuration files because it used two different modes for the common parent path for various configuration and authentication files. With this fix, the role does not report `changed: true` unnecessarily because it uses a consistent mode for the parent path.
    • Done
    • Done
    • Done
    • Not Required
    • None

      I've use the podman role in user mode and set the following variables:

      ```yaml
      podman_run_as_user: user

      podman_storage_conf:
      storage:
      driver: overlay
      rootless_storage_path: /opt/user/podman/storage

      podman_credential_files:

      • file_content: |
        {
        "auths":
        Unknown macro: { "docker.xxx" }

        }

      ```

      The task `Ensure storage.conf parent dir exists` in the `handle_storage_conf.yml` file sets the mode from the directory `~/.config/containers` to `0755`
      See: https://github.com/linux-system-roles/podman/blob/main/tasks/handle_storage_conf.yml#L12

      Later the directory mode is changed again to `0700` from the task `Ensure the credentials directory is present` in the file `handle_credential_files.yml`
      See: https://github.com/linux-system-roles/podman/blob/main/tasks/handle_credential_files.yml#L51

      I expect that there's the same problem in the `handle_policy_json.yml`
      See: https://github.com/linux-system-roles/podman/blob/main/tasks/handle_policy_json.yml#L13

      At the end we see constand changes in the directory mode:
      ```
      TASK [fedora.linux_system_roles.podman : Ensure storage.conf parent dir exists] *************************************************************************************************************
      changed: [xxx]
      ...
      TASK [fedora.linux_system_roles.podman : Ensure the credentials directory is present] *******************************************************************************************************
      changed: [xxx]
      ```

              rmeggins@redhat.com Richard Megginson
              rmeggins@redhat.com Richard Megginson
              Richard Megginson Richard Megginson
              David Jez David Jez
              Mugdha Soni Mugdha Soni
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: