-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add umask option for mount module #209
base: main
Are you sure you want to change the base?
Conversation
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for adding this feature!
plugins/modules/mount.py
Outdated
# Set permissions to the newly created mount point. | ||
if mode is not None: | ||
try: | ||
changed = module.set_mode_if_different(name, mode, changed) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This does not work on non-Linux operating systems? I've seen you run integration tests only on Linux systems when it was using chmod
, I don't know about this function.
If so, please also mention this on parameter notes, and maybe warn user when the target os is not Linux?
@@ -332,3 +332,44 @@ | |||
- /tmp/myfs.img | |||
- /tmp/myfs | |||
when: ansible_system in ('Linux') | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add a integration test which uses something like u+rw,g-wx,o-rwx
or u=rw,g=r,o=r
.
Hi @satken2, thanks for your contribution ! IMHO, this PR doesn't fix #163, as said in its description: the new parameter only applies to the mountpoint itself, not its parents, even if they're created by the module, that means that if |
I think there is a confusion here. |
@quidame Thank you for your advice. Certainly, when creating directories recursively, I have to set permissions on all directories to resolve #163, as you point out. So I will fix my code.
The |
loop: | ||
- /tmp/myfs.img | ||
- /tmp/myfs | ||
when: ansible_system in ('Linux') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why this restriction ? Does the new mode
parameter not support other OSes ?
There is no need to create files to use umask. It applies to almost any file (regular files, directories, unix sockets, named pipes or fifos, character devices...) except symlinks, at creation time. Even if at the end it doesn't change anything to your code, please consider For me, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please update the changelog fragment - at least the name of the new parameter :); also, I don't understand the consecutive calls to os.umask(umask)
. All the rest looks good to me.
plugins/modules/mount.py
Outdated
except ValueError as e: | ||
module.fail_json(msg="umask must be an octal integer: %s" % (to_native(e))) | ||
old_umask = os.umask(umask) | ||
os.umask(umask) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what's the purpose of calling os.umask(umask)
twice ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, it's my mistake.
Co-authored-by: quidame <quidame@poivron.org>
@quidame Thank you for your polite explanation and suggestion. |
I think this will solve the problem I recently saw when creating |
If the mount point already exists, this parameter is not used. | ||
- Note that after running this task and the device being successfully mounted, | ||
the mode of the original directory will be hidden by the target device. | ||
type: raw |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would change this to a 'strict string' to avoid all the 'octal/int' issues as we had to go through with mode in other modules.
SUMMARY
I added
mode
option for mount module.When this module creates new directories for mount point, this value is used as permission of the directory.
Fixes #163, #178
ISSUE TYPE
COMPONENT NAME
ADDITIONAL INFORMATION
When we want to set specific permission to the mount point directory, we can use
file
module.However once the filesystem is mounted, the underlying directory is nearly inaccessible, and cannot be modified by
file
module.This is a bit inconvenient, so I added
mode
option so that permission can be set before actual mount operation.In #163, author requests to add
umask
option but when the mount point does not exist, this module creates directories, not files. So I thinkmode
is more appropriate thanumask
.