This stanza:
- name: Upload ‘macsecurity’ plugin
copy: src={{git_src}}/plugins/macsecurity
dest=/var/www/html/roundcube/plugins/
mode=0755
directory_mode=yes
group=roundcube
Fails with:
TASK: [roundcube-web | Upload ‘macsecurity’ plugin] ***************************
failed: [jedis-test] => {“details”: “invalid literal for int() with base 8: ‘yes’”, “failed”: true, “gid”: 500, “group”: “roundcube”, “md5sum”: “59043bc3af8a7a48361bb2034b28cae8”, “mode”: “0700”, “owner”: “root”, “path”: “/var/www/html/roundcube/plugins/macsecurity/lib”, “secontext”: “unconfined_u:object_r:httpd_sys_content_t:s0”, “size”: 4096, “state”: “directory”, “uid”: 0}
msg: mode needs to be something octalish
The error output just isn’t correct or useful. And the resulting permissions are wrong:
drwx-w----. root roundcube unconfined_u:object_r:httpd_sys_content_t:s0 macsecurity
It’s setting the permissions of files inside that directory to 755, which isn’t what I want, and:
[joliver@jedis-test ~]$ sudo ls -lZ /var/www/html/roundcube/plugins/macsecurity/
-rwxr-xr-x. root roundcube system_u:object_r:httpd_sys_content_t:s0 bootstrap_autoloader.php
-rwxr-xr-x. root roundcube system_u:object_r:httpd_sys_content_t:s0 composer.json
-rwxr-xr-x. root roundcube system_u:object_r:httpd_sys_content_t:s0 config.inc.php
drwx------. root roundcube unconfined_u:object_r:httpd_sys_content_t:s0 lib
-rwxr-xr-x. root roundcube system_u:object_r:httpd_sys_content_t:s0 macsecurity.php
-rwxr-xr-x. root roundcube system_u:object_r:httpd_sys_content_t:s0 phpunit-bootstrap.php
-rwxr-xr-x. root roundcube system_u:object_r:httpd_sys_content_t:s0 phpunit.xml
-rwxr-xr-x. root roundcube system_u:object_r:httpd_sys_content_t:s0 readme.txt
I’ve tried using seuser, but that isn’t reliably applied, and doesn’t make any difference (and nor should it). Once I get all of my files up I’ll set the context in one fell swoop, so I’m not worried about getting that correct during the transfer.
I can’t use ‘synchronize’ as it bombs out complaining there’s no tty, and I have to assume that’ll be required on my targets.
I could zip or tar up the files, but I’m doing it that way I’m doing it because this directory is in git and may change. I suppose I could create an archive every time the playbook is run, but that seems wasteful.
How can I reliably and correctly transfer a directory?
From "When doing a recursive copy set the mode for the directories. ", I inferred that the mode of the parent would be inherited and recursively pushed down.