internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-07 05:42:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix permissions issue with 'cron' module

Browse Source 
I have a task like this in a playbook. The ansible_ssh_user is 'root'
for this host.

    - cron:
        hour: 00
        job: /home/backup/backup.sh
        name: baserock.org data backup
        user: backup

Running it gave me the following error:

    TASK: [backup cron job, runs every day at midnight] ***************************
    failed: [baserock-backup1] => {"failed": true}
    msg: crontab: can't open '/tmp/crontabvVjoZe': Permission denied
    crontab: user backup cannot read /tmp/crontabvVjoZe

The temporary file created by the 'cron' module is created with the
Python tempfile.mkstemp() function. This creates a file that is readable
only by 'root' (mode 600). The Busybox `crontab` program then checks if
the file is readable by the 'backup' user, and fails if it isn't. So we
need to make sure the file is world-readable before running `crontab`.
This commit is contained in:
Sam Thursfield
2015-03-23 15:07:02 +00:00
committed by Matt Clay
parent 7d85477acb
commit cad0adc691
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/ansible/modules/system/cron.py
View File

@@ -228,6 +228,7 @@ class CronTab(object):
fileh = open(self.cron_file, 'w')
else:
filed, path = tempfile.mkstemp(prefix='crontab')
os.chmod(path, 0o644)
fileh = os.fdopen(filed, 'w')
fileh.write(self.render())