Set proper file permisions when a file is created with atomic_move

Fixes #7196

Set proper file permisions when a file is created with atomic_move
Fixes #7196
9da06274 · Jiri Barton · James Cammarata · 9a6998aa · 9da06274
Commit 9da06274 authored Apr 29, 2014 by Jiri Barton Committed by James Cammarata Apr 29, 2014
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 2 deletions

lib/ansible/module_utils/basic.py
+8 -2

No files found.
--- a/lib/ansible/module_utils/basic.py
+++ b/lib/ansible/module_utils/basic.py
@@ -1020,8 +1020,14 @@ class AnsibleModule(object):
                self.cleanup(tmp_dest.name)
                self.fail_json(msg='Could not replace file: %s to %s: %s' % (src, dest, e))

-        if creating and os.getenv("SUDO_USER"):
-            os.chown(dest, os.getuid(), os.getgid())
+        if creating:
+            # make sure the file has the correct permissions
+            # based on the current value of umask
+            umask = os.umask(0)
+            os.umask(umask)
+            os.chmod(dest, 0666 ^ umask)
+            if os.getenv("SUDO_USER"):
+                os.chown(dest, os.getuid(), os.getgid())

        if self.selinux_enabled():
            # rename might not preserve context