Create and delete the tempfile as non-root user

ansible-collections / ansible-consul

:satellite: Ansible role for Hashicorp Consul clusters

https://galaxy.ansible.com/ansible-community/consul/

BSD 2-Clause "Simplified" License

450 stars 313 forks source link

Create and delete the tempfile as non-root user #555

Closed nre-ableton closed 1 year ago

nre-ableton commented 1 year ago

Since the fetch task uses non-root privileges, we need to make sure that this is also the same for handling the tempfile. Otherwise, if this role is invoked with become: true then the non-privileged user won't be able to fetch into the tempfile, since it would be created by root.

Fixes https://github.com/ansible-community/ansible-consul/issues/554

nre-ableton commented 1 year ago

@bbaassssiiee Thanks for the review!