8000 User home default access rights differ when full path doesn't exist (Ubuntu 22) · Issue #85354 · ansible/ansible · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
User home default access rights differ when full path doesn't exist (Ubuntu 22) #85354
New issue
New issue
Open
Open
User home default access rights differ when full path doesn't exist (Ubuntu 22)#85354
Labels
affects_2.16bugThis issue/PR relates to a bug.moduleThis issue/PR relates to a module.needs_verifiedThis issue needs to be verified/reproduced by maintainer
@alexisextra

Description

@alexisextra
alexisextra
opened on Jun 18, 2025

Summary

On the target host running Ubuntu 22, when I create a user and their home directory, the home directory permissions do not follow the default if the parent directory does not exist:

  • The default permissions (when creating a user with useradd) are 755 on Ubuntu 20 and 750 on Ubuntu 22.
  • The default permissions (when creating a user with useradd) are 750 on Ubuntu 22, even if parent folders don't exist.

Issue Type

Bug Report

Component Name

user

Ansible Version

$ ansible --version
ansible [core 2.16.14]
  config file = /home/<user>/.ansible.cfg
  configured module search path = ['/home/<user>/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.12/site-packages/ansible
  ansible collection location = /home/<user>/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.12.10 (main, Apr 22 2025, 00:00:00) [GCC 14.2.1 20240912 (Red Hat 14.2.1-3)] (/usr/bin/python3)
  jinja version = 3.1.6
  libyaml = True

Configuration

# if using a version older than ansible-core 2.12 you should omit the '-t all'
$ ansible-config dump --only-changed -t all
Using /home/<user>/.ansible.cfg as config file
CALLBACKS_ENABLED(/home/<user>/.ansible.cfg) = ['profile_roles', 'timer', 'tree']
CONFIG_FILE() = /home/<user>/.ansible.cfg
DEFAULT_HOST_LIST(/home/<user>/.ansible.cfg) = ['/home/<user>/.ansible/inventories/vagrant_ansible_inventory', '/home/<user>/.ansible/inventories/vm_ansible_i>
DEFAULT_VERBOSITY(/home/<user>/.ansible.cfg) = 1
EDITOR(env: EDITOR) = nvim
ENABLE_TASK_DEBUGGER(/home/<user>/.ansible.cfg) = True
INVENTORY_ENABLED(/home/<user>/.ansible.cfg) = ['aws_ec2', 'yaml', 'ini']

CALLBACK:
========

tree:
____
directory(/home/<user>/.ansible.cfg) = /home/<user>/.ansible/tree

OS / Environment

  • Source OS:
    • Fedora 40
    • Ubuntu 24.04
  • Target OS:
    • Ubuntu 22

Steps to Reproduce

# Here, the home directory has `755` access rights on Ubuntu 20 and `750` on Ubuntu 22 (correct). `/home` already exists.
- hosts: all
  tasks:
  - name: Add group bar
    group:
      name: bar
    become: true

  - name: Add user bar
    user:
      name: bar
      group: bar
      home: /home/bar
      shell: /bin/bash
    become: true

# Here, the home directory has `755` access rights on Ubuntu 20 and also on Ubuntu 22, instead of `750`. `/home/users` do not already exists.
  - name: Add group foo
    group:
      name: foo
    become: true

  - name: Add user foo
    user:
      name: foo
      group: foo
      home: /home/users/foo
      shell: /bin/bash
    become: true

Expected Results

I expect access rights to respect the default ones, whether parent folders exist or not.

Actual Results

$ ansible-playbook -l Vagrant test.yml
Using /home/<user>/.ansible.cfg as config file

PLAY [all] ****************************************************************************************************************************************************

TASK [Gathering Facts] ****************************************************************************************************************************************
mercredi 18 juin 2025  16:05:14 +0200 (0:00:00.007)       0:00:00.007 *********
ok: [vagrant-ubuntu22]
ok: [vagrant-ubuntu20]

TASK [Add group bar] ******************************************************************************************************************************************
mercredi 18 juin 2025  16:05:17 +0200 (0:00:03.478)       0:00:03.486 *********
changed: [vagrant-ubuntu22] => {"changed": true, "gid": 1001, "name": "bar", "state": "present", "system": false}
changed: [vagrant-ubuntu20] => {"changed": true, "gid": 1001, "name": "bar", "state": "present", "system": false}

TASK [Add user bar] *******************************************************************************************************************************************
mercredi 18 juin 2025  16:05:20 +0200 (0:00:02.273)       0:00:05.759 *********
changed: [vagrant-ubuntu22] => {"changed": true, "comment": "", "create_home": true, "group": 1001, "home": "/home/bar", "name": "bar", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1001}
changed: [vagrant-ubuntu20] => {"changed": true, "comment": "", "create_home": true, "group": 1001, "home": "/home/bar", "name": "bar", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1001}

TASK [Add group foo] ******************************************************************************************************************************************
mercredi 18 juin 2025  16:05:22 +0200 (0:00:02.254)       0:00:08.013 *********
changed: [vagrant-ubuntu22] => {"changed": true, "gid": 1002, "name": "foo", "state": "present", "system": false}
changed: [vagrant-ubuntu20] => {"changed": true, "gid": 1002, "name": "foo", "state": "present", "system": false}

TASK [Add user foo] *******************************************************************************************************************************************
mercredi 18 juin 2025  16:05:24 +0200 (0:00:02.249)       0:00:10.263 *********
changed: [vagrant-ubuntu22] => {"changed": true, "comment": "", "create_home": true, "group": 1002, "home": "/home/users/foo", "name": "foo", "shell": "/bin/bash", "state": "present", "stderr": "useradd: warning: the home directory /home/users/foo already exists.\nuseradd: Not copying any file from skel directory into it.\n", "stderr_lines": ["useradd: warning: the home directory /home/users/foo already exists.", "useradd: Not copying any file from skel directory into it."], "system": false, "uid": 1002}
changed: [vagrant-ubuntu20] => {"changed": true, "comment": "", "create_home": true, "group": 1002, "home": "/home/users/foo", "name": "foo", "shell": "/bin/bash", "state": "present", "stderr": "useradd: warning: the home directory /home/users/foo already exists.\nuseradd: Not copying any file from skel directory into it.\n", "stderr_lines": ["useradd: warning: the home directory /home/users/foo already exists.", "useradd: Not copying any file from skel directory into it."], "system": false, "uid": 1002}

PLAY RECAP ****************************************************************************************************************************************************
vagrant-ubuntu20           : ok=5    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
vagrant-ubuntu22           : ok=5    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Code of Conduct

  • I agree to follow the Ansible Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    affects_2.16bugThis issue/PR relates to a bug.moduleThis issue/PR relates to a module.needs_verifiedThis issue needs to be verified/reproduced by maintainer

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0