From e54240aac37f98d4009e07cfd08f06485433960f Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Sun, 9 Jun 2024 21:58:53 +0100
Subject: [PATCH] Fix permissions on mailman config dirs

---
 roles/mailman/tasks/main.yml | 11 +++++++----
 roles/noise/tasks/main.yml   |  9 ++++++---
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/roles/mailman/tasks/main.yml b/roles/mailman/tasks/main.yml
index 97b8bef4..6f50a3a1 100644
--- a/roles/mailman/tasks/main.yml
+++ b/roles/mailman/tasks/main.yml
@@ -6,7 +6,7 @@
     state: directory
     owner: docker-mailman
     group: docker-mailman
-    mode: 0700
+    mode: "0700"
 
 - name: Create Mailman data subdirectories
   file:
@@ -14,7 +14,7 @@
     state: directory
     owner: docker-mailman
     group: docker-mailman
-    mode: 0700
+    mode: "0700"
   with_items:
     - archives
     - archives/public
@@ -30,6 +30,9 @@
   file:
     path: /etc/mailman
     state: directory
+    owner: root
+    group: root
+    mode: "0755"
 
 - name: Configure Mailman
   template:
@@ -45,7 +48,7 @@
   copy:
     src: forced_params
     dest: /etc/mailman/forced_params 
-    mode: 0644
+    mode: "0644"
 
 - name: Create placeholder domains file
   file:
@@ -62,7 +65,7 @@
   copy:
     src: node-exporter-scripts/mailman-qfiles.sh
     dest: /etc/prometheus/node-exporter-scripts/mailman-qfiles.sh
-    mode: 0755
+    mode: "0755"
 
 - name: Install Mailman qfiles exporter cron
   copy:
diff --git a/roles/noise/tasks/main.yml b/roles/noise/tasks/main.yml
index 55302b9d..76d91b58 100644
--- a/roles/noise/tasks/main.yml
+++ b/roles/noise/tasks/main.yml
@@ -6,7 +6,7 @@
     state: directory
     owner: docker-noise
     group: docker-noise
-    mode: 0700
+    mode: "0700"
 
 - name: Create Mailman data subdirectories
   file:
@@ -14,7 +14,7 @@
     state: directory
     owner: docker-noise
     group: docker-noise
-    mode: 0700
+    mode: "0700"
   with_items:
     - archives
     - archives/public
@@ -30,6 +30,9 @@
   file:
     path: /etc/mailman-noise
     state: directory
+    owner: root
+    group: root
+    mode: "0755"
 
 - name: Configure Mailman
   template:
@@ -44,7 +47,7 @@
   copy:
     src: forced_params
     dest: /etc/mailman-noise/forced_params 
-    mode: 0644
+    mode: "0644"
 
 - name: Install backup source
   template:
-- 
GitLab