Problem
-------
A machine has just been installed with a minimal RHEL8.1 distro.
Note that in /etc/login.defs there is the line
UMASK 0077
Installing the server from a shell works fine:
$ umask
0022
$ ipa-server-install <options>
...
OK
However, installing the server through Ansible (2.9.6) from
another host does *not* work.
Snippet from the Ansible script:
...
- name: Install ipa-server
shell: |
/usr/bin/umask 022 && /usr/bin/ipa-server-install <options>
...
=>
The installer complains about the umask being 0077 and that it
should be 0022. Removing the UMASK line from login.defs fixes the
immediate problem. There is really no Ansible configuration
Questions
---------
1) Is there a good way to fix this without opening up system umask?
2) If I comment out the UMASK line from login.defs for the
installation and reactivate it afterwards, will that cause
problems later?
(I think this is about access rights to the certificates of the
builtin dogtag.)
Ciao
Dominik ^_^ ^_^
--
Dominik Vogt
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
