From 517b3cf2041029429cf98086f27631b512e6c8f2 Mon Sep 17 00:00:00 2001
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
Date: Thu, 22 Sep 2016 15:00:15 +0200
Subject: [PATCH] roles/archbuild: Try fixing perms to allow access from
 chroots

---
 roles/archbuild/tasks/main.yml | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/roles/archbuild/tasks/main.yml b/roles/archbuild/tasks/main.yml
index 680dac594..69c6f01e0 100644
--- a/roles/archbuild/tasks/main.yml
+++ b/roles/archbuild/tasks/main.yml
@@ -36,7 +36,7 @@
     path: '/var/lib/{{ "/".join(item) }}'
     owner: root
     group: root
-    mode: 0755
+    mode: 01777
   with_nested:
     - [archbuilddest]
     - [logdest, pkgdest, srcdest]
@@ -45,16 +45,15 @@
   acl:
     name: '/var/lib/archbuilddest/{{ item[0] }}'
     state: present
-    entry: '{{ item[1] }}{{ item[2] }}'
+    entry: 'default:{{ item[1] }}'
   with_nested:
     - [logdest, pkgdest, srcdest]
-    - ['', 'default:']
-    - ['mask::rwx',
-       'user::rwx',
+    - ['user::rwx',
+       'group::r-x',
        'group:dev:rwx',
        'group:tu:rwx',
-       'group::r-x',
-       'other::r-x']
+       'other::r-x',
+       'mask::rwx']
 
 - name: start and enable archbuild units
   service: name={{ item }} enabled=yes state=started
-- 
GitLab