From 8256654ece81c5c7c4cf4edc170e5b4a2a07f741 Mon Sep 17 00:00:00 2001
From: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Date: Thu, 4 Aug 2016 06:35:49 +0100
Subject: [PATCH] Allow swift log file permissions to be set

This patch adds the ability to configure the log file permissions.

This is primarily to address a gating issue where the jenkins does
not have access to the account, container and object service logs.

That said, it's generaly useful to have this option available.

Change-Id: Ibc3d66273a4494414dde1a95ec132ff83c235f9c
---
 defaults/main.yml                                           | 2 ++
 .../notes/swift-syslog-log-perms-5a116171a1adeae3.yaml      | 6 ++++++
 templates/swift-rsyslog.conf.j2                             | 2 ++
 3 files changed, 10 insertions(+)
 create mode 100644 releasenotes/notes/swift-syslog-log-perms-5a116171a1adeae3.yaml

diff --git a/defaults/main.yml b/defaults/main.yml
index 20719c02..ceafe0cd 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -47,9 +47,11 @@ swift_system_group_name: swift
 swift_system_shell: /bin/bash
 swift_system_comment: swift system user
 swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}"
+
 ## Swift Syslog User / Group
 swift_syslog_user_name: syslog
 swift_syslog_group_name: syslog
+swift_syslog_log_perms: "0644"
 
 ## Auth token
 swift_delay_auth_decision: true
diff --git a/releasenotes/notes/swift-syslog-log-perms-5a116171a1adeae3.yaml b/releasenotes/notes/swift-syslog-log-perms-5a116171a1adeae3.yaml
new file mode 100644
index 00000000..f22a2bcd
--- /dev/null
+++ b/releasenotes/notes/swift-syslog-log-perms-5a116171a1adeae3.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - The os_swift role now allows the permissions for the log files created
+    by the swift account, container and object servers to be set. The
+    variable is ``swift_syslog_log_perms`` and is set to ``0644`` by
+    default.
diff --git a/templates/swift-rsyslog.conf.j2 b/templates/swift-rsyslog.conf.j2
index 05d1a8e1..8c858e24 100644
--- a/templates/swift-rsyslog.conf.j2
+++ b/templates/swift-rsyslog.conf.j2
@@ -7,6 +7,8 @@
 #$template HourlyProxyLog,"/var/log/swift/hourly/%$YEAR%%$MONTH%%$DAY%%$HOUR%"
 #local1.*;local1.!notice ?HourlyProxyLog
 
+$FileCreateMode {{ swift_syslog_log_perms }}
+
 local1.*;local1.!notice /var/log/swift/proxy.log
 local1.notice           /var/log/swift/proxy-error.log
 local1.*                ~