From ed4f46169befecbbcbd646b5333d77add80e133f Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Thu, 17 Sep 2015 15:56:44 -0400
Subject: Lookup ansible_ssh_user group for kubeconfig perms

Fixes #585
---
 roles/openshift_master/tasks/main.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'roles/openshift_master/tasks')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index b57711b58..29b56656f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -167,13 +167,17 @@
   shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster
   when: install_result | changed
 
+- name: Lookup default group for ansible_ssh_user
+  command: "/usr/bin/id -g {{ ansible_ssh_user }}"
+  register: _ansible_ssh_user_gid
+
 - name: Create the client config dir(s)
   file:
     path: "~{{ item }}/.kube"
     state: directory
     mode: 0700
     owner: "{{ item }}"
-    group: "{{ item }}"
+    group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout  }}"
   with_items:
   - root
   - "{{ ansible_ssh_user }}"
@@ -194,7 +198,7 @@
     state: file
     mode: 0700
     owner: "{{ item }}"
-    group: "{{ item }}"
+    group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout  }}"
   with_items:
   - root
   - "{{ ansible_ssh_user }}"
-- 
cgit v1.2.3