From c1ad9a95abd67c74dbd25c0e5e76d89fd84127ee Mon Sep 17 00:00:00 2001
From: caoyuan <cao.yuan@99cloud.net>
Date: Mon, 22 Jan 2018 17:11:19 +0800
Subject: [PATCH] Add the missing permission setting for external-ceph

when non-root (become), the permission changed is necessary,
but some roles is missing, the patch to add it.

Change-Id: I987becde489f4b509b32edc1deceabfa2d2e1b74
---
 ansible/roles/cinder/tasks/external_ceph.yml  | 12 ++++++++++++
 ansible/roles/gnocchi/tasks/external_ceph.yml | 13 +++++++++++++
 ansible/roles/manila/tasks/external_ceph.yml  | 11 +++++++++++
 3 files changed, 36 insertions(+)

diff --git a/ansible/roles/cinder/tasks/external_ceph.yml b/ansible/roles/cinder/tasks/external_ceph.yml
index b0ff3b22ce..90f1c6fb6e 100644
--- a/ansible/roles/cinder/tasks/external_ceph.yml
+++ b/ansible/roles/cinder/tasks/external_ceph.yml
@@ -57,3 +57,15 @@
     - cinder_services['cinder-backup'].enabled | bool
   notify:
     - Restart cinder-backup container
+
+- name: Ensuring config directory has correct owner and permission
+  become: true
+  file:
+    path: "{{ node_config_directory }}/{{ item }}"
+    recurse: yes
+    owner: "{{ config_owner_user }}"
+    group: "{{ config_owner_group }}"
+  when: inventory_hostname in groups[item]
+  with_items:
+    - "cinder-volume"
+    - "cinder-backup"
diff --git a/ansible/roles/gnocchi/tasks/external_ceph.yml b/ansible/roles/gnocchi/tasks/external_ceph.yml
index 3ff59696d7..9dca91a30a 100644
--- a/ansible/roles/gnocchi/tasks/external_ceph.yml
+++ b/ansible/roles/gnocchi/tasks/external_ceph.yml
@@ -36,3 +36,16 @@
     - Restart gnocchi-api container
     - Restart gnocchi-metricd container
     - Restart gnocchi-statsd container
+
+- name: Ensuring config directory has correct owner and permission
+  become: true
+  file:
+    path: "{{ node_config_directory }}/{{ item }}"
+    recurse: yes
+    owner: "{{ config_owner_user }}"
+    group: "{{ config_owner_group }}"
+  when: inventory_hostname in groups[item]
+  with_items:
+    - "gnocchi-api"
+    - "gnocchi-metricd"
+    - "gnocchi-statsd"
diff --git a/ansible/roles/manila/tasks/external_ceph.yml b/ansible/roles/manila/tasks/external_ceph.yml
index 48cccd8b4f..f58b3ffa48 100644
--- a/ansible/roles/manila/tasks/external_ceph.yml
+++ b/ansible/roles/manila/tasks/external_ceph.yml
@@ -28,3 +28,14 @@
     - inventory_hostname in groups['manila-share']
   notify:
     - Restart manila-share container
+
+- name: Ensuring config directory has correct owner and permission
+  become: true
+  file:
+    path: "{{ node_config_directory }}/{{ item }}"
+    recurse: yes
+    owner: "{{ config_owner_user }}"
+    group: "{{ config_owner_group }}"
+  when: inventory_hostname in groups[item]
+  with_items:
+    - "manila-share"