fix idempotence for this command

Hi,
this task breaks the idempotence of my role:

  • name: Set directories permissions for production installation
    command: find /opt/tomcat -type d -exec chmod -c 2750 {} ;
    register: find_chmod_result
    changed_when: ‘find_chmod_result.stdout | length > 0’

The command is selecting all the folders (and not the files) located under /opt/tomcat and it applies them the permissions 2750.

Is there a way to express the same thing without breaking the idempotence?

Nicola

Instead of running the find command via command, switch to using the find module, register the result, then use the file module, looping the previous results, to set permissions on the directories.

Thank you!! That’s indeed the solution!
Now it looks like this:

  • name: Set directories permissions - select
    find:
    paths: "/opt/tomcat
    file_type: directory
    register: find_chmod_result

  • name: Set directories permissions - apply
    file:
    path: “{{ item.path }}”
    owner: “{{ tomcat_user }}”
    group: “{{ tomcat_group }}”
    mode: ‘02775’
    loop: “{{ find_chmod_result.files }}”

Nicola