From b55f56811ff3fa1973515dbdec32d6bad5abc72d Mon Sep 17 00:00:00 2001 From: Jonathan Rosser Date: Thu, 16 Mar 2023 14:44:18 +0000 Subject: [PATCH] Add `acl` package to all hosts and containers Ansible will use setfacl if it is present for managing tmp file access on a remote node, if the executable is present - see [1]. This patch ensures that the acl package is installed on all hosts and containers. [1] https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_privilege_escalation.html#risks-of-becoming-an-unprivileged-user Change-Id: Ia76ebbafb0a7dfdc65364b4c374fc04cc05bfe7e --- vars/debian.yml | 3 ++- vars/redhat-9.yml | 1 + vars/ubuntu-20.04.yml | 1 + vars/ubuntu-22.04.yml | 1 + 4 files changed, 5 insertions(+), 1 deletion(-) diff --git a/vars/debian.yml b/vars/debian.yml index e85783ce..7984336e 100644 --- a/vars/debian.yml +++ b/vars/debian.yml @@ -45,7 +45,8 @@ openstack_host_kernel_modules: - name: x_tables ## Base packages -_openstack_host_distro_packages: [] +_openstack_host_distro_packages: + - acl ## Bare metal base packages _openstack_host_metal_distro_packages: diff --git a/vars/redhat-9.yml b/vars/redhat-9.yml index 7f946131..f66f79f2 100644 --- a/vars/redhat-9.yml +++ b/vars/redhat-9.yml @@ -48,6 +48,7 @@ openstack_host_kernel_modules: _openstack_host_distro_packages: - python3-devel - python3-six + - acl ## Bare metal base packages _openstack_host_metal_distro_packages: diff --git a/vars/ubuntu-20.04.yml b/vars/ubuntu-20.04.yml index 1bcd5a38..3730ea7d 100644 --- a/vars/ubuntu-20.04.yml +++ b/vars/ubuntu-20.04.yml @@ -46,6 +46,7 @@ openstack_host_kernel_modules: ## Base packages _openstack_host_distro_packages: + - acl - apt-utils ## Bare metal base packages diff --git a/vars/ubuntu-22.04.yml b/vars/ubuntu-22.04.yml index c83965b0..6bc8da5e 100644 --- a/vars/ubuntu-22.04.yml +++ b/vars/ubuntu-22.04.yml @@ -46,6 +46,7 @@ openstack_host_kernel_modules: ## Base packages _openstack_host_distro_packages: + - acl - apt-utils ## Bare metal base packages