fix idempotence for this command

Nicola_L · May 27, 2021, 2:02pm

Hi,
this task breaks the idempotence of my role:

name: Set directories permissions for production installation
command: find /opt/tomcat -type d -exec chmod -c 2750 {} ;
register: find_chmod_result
changed_when: ‘find_chmod_result.stdout | length > 0’

The command is selecting all the folders (and not the files) located under /opt/tomcat and it applies them the permissions 2750.

Is there a way to express the same thing without breaking the idempotence?

Nicola

sivel · May 27, 2021, 2:03pm

Instead of running the find command via command, switch to using the find module, register the result, then use the file module, looping the previous results, to set permissions on the directories.

Nicola_L · May 27, 2021, 3:56pm

Thank you!! That’s indeed the solution!
Now it looks like this:

name: Set directories permissions - select
find:
paths: "/opt/tomcat
file_type: directory
register: find_chmod_result
name: Set directories permissions - apply
file:
path: “{{ item.path }}”
owner: “{{ tomcat_user }}”
group: “{{ tomcat_group }}”
mode: ‘02775’
loop: “{{ find_chmod_result.files }}”

Nicola

Topic		Replies	Views
issue faced while changing permission of files and directories using file module in ansible 2.3.0 Ansible Project	2	44	May 10, 2017
Change files permissions with loop Ansible Project	6	68	June 7, 2022
read multiarray with find module Ansible Developer	0	4	August 14, 2019
Find register directory seems to not registered Ansible Project	4	7	November 16, 2016
Is there any Alternative of command/shell module Ansible Project	2	7	July 19, 2019

fix idempotence for this command

Related topics