Chmod temp dirs created on localhost

After remove become:no statements on local_action tasks,
we need to ensure that the proper file permssions are
applied to local temp directories.

This reason for this is that the 'fetch' module
does not use 'become' for the localhost, just the remote
host.

Additionally, users may not wish for the localhost to
become during a fetch.  local_action will execute with
whatever permissions are specified in inventory or via
cli.

4 files changed, 16 insertions, 6 deletions

diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml
index ff04cdf9c..7787da4f0 100644
--- a/roles/openshift_examples/tasks/main.yml
+++ b/roles/openshift_examples/tasks/main.yml
@@ -16,8 +16,8 @@
   register: copy_examples_mktemp
   run_once: True
 
-- name: Create local temp dir for OpenShift examples copy
-  local_action: command chmod 755 "{{ copy_examples_mktemp.stdout }}"
+- name: Chmod local temp dir for OpenShift examples copy
+  local_action: command chmod 777 "{{ copy_examples_mktemp.stdout }}"
   run_once: True
 
 - name: Create tar of OpenShift examples
@@ -27,7 +27,7 @@
     # Consider using unarchive module rather than running tar
     warn: no
 
-- name: Create local temp dir for OpenShift examples copy
+- name: Chmod local temp dir for OpenShift examples copy
   local_action: command chmod 744 "{{ copy_examples_mktemp.stdout }}/openshift-examples.tar"
   run_once: True
 
diff --git a/roles/openshift_hosted_templates/tasks/main.yml b/roles/openshift_hosted_templates/tasks/main.yml
index 672d25b4d..34d39f3a5 100644
--- a/roles/openshift_hosted_templates/tasks/main.yml
+++ b/roles/openshift_hosted_templates/tasks/main.yml
@@ -6,8 +6,8 @@
   # AUDIT:changed_when: not set here because this task actually
   # creates something
 
-- name: Create local temp dir for OpenShift examples copy
-  local_action: command chmod 755 "{{ copy_hosted_templates_mktemp.stdout }}"
+- name: Chmod local temp dir for OpenShift examples copy
+  local_action: command chmod 777 "{{ copy_hosted_templates_mktemp.stdout }}"
   run_once: True
 
 - name: Create tar of OpenShift examples
@@ -17,7 +17,7 @@
     # Consider using unarchive module rather than running tar
     warn: no
 
-- name: Create local temp dir for OpenShift examples copy
+- name: Chmod local tar of OpenShift examples
   local_action: command chmod 744 "{{ copy_hosted_templates_mktemp.stdout }}/openshift-hosted-templates.tar"
   run_once: True
 
diff --git a/roles/openshift_logging/tasks/main.yaml b/roles/openshift_logging/tasks/main.yaml
index 1d8f2c53a..60cc399fa 100644
--- a/roles/openshift_logging/tasks/main.yaml
+++ b/roles/openshift_logging/tasks/main.yaml
@@ -18,6 +18,11 @@
   changed_when: False
   check_mode: no
 
+- name: Chmod local temp directory for doing work in
+  local_action: command chmod 777 "{{ local_tmp.stdout }}"
+  changed_when: False
+  check_mode: no
+
 - include_tasks: install_logging.yaml
   when:
     - openshift_logging_install_logging | default(false) | bool
diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml
index a80950cde..649a4bc5d 100644
--- a/roles/openshift_master_certificates/tasks/main.yml
+++ b/roles/openshift_master_certificates/tasks/main.yml
@@ -121,6 +121,11 @@
   changed_when: False
   when: master_certs_missing | bool
 
+- name: Chmod local temp directory for syncing certs
+  local_action: command chmod 777 "{{ g_master_certs_mktemp.stdout }}"
+  changed_when: False
+  when: master_certs_missing | bool
+
 - name: Create a tarball of the master certs
   command: >
     tar -czvf {{ openshift_master_generated_config_dir }}.tgz