From fd50feb258d2635bd6bde5df94b387b7d62c6e09 Mon Sep 17 00:00:00 2001
From: Yanis Guenane <yanis@guenane.org>
Date: Tue, 26 Mar 2019 12:21:53 +0100
Subject: [PATCH 1/2] bwrap/runner: Add /etc/ssh in bind mounted folder

/etc/ssh is currently not bound when run into bwrap, this leads to
error like "Bad owner or permissions on /etc/ssh/ssh_config.d/05-redhat.conf"
since it cannot access this file.

https://github.com/ansible/awx/pull/3391 was done pre runner
integration.

Fixes: https://github.com/ansible/awx/issues/3392

Signed-off-by: Yanis Guenane <yanis@guenane.org>
---
 awx/main/tasks.py                 | 1 +
 awx/main/tests/unit/test_tasks.py | 1 +
 2 files changed, 2 insertions(+)

diff --git a/awx/main/tasks.py b/awx/main/tasks.py
index 0349d23aa6..b7f405bb47 100644
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@@ -818,6 +818,7 @@ class BaseTask(object):
                 'process_isolation_hide_paths': [
                     settings.AWX_PROOT_BASE_PATH,
                     '/etc/tower',
+                    '/etc/ssh',
                     '/var/lib/awx',
                     '/var/log',
                     settings.PROJECTS_ROOT,
diff --git a/awx/main/tests/unit/test_tasks.py b/awx/main/tests/unit/test_tasks.py
index c9aaa6b057..903b2f29fd 100644
--- a/awx/main/tests/unit/test_tasks.py
+++ b/awx/main/tests/unit/test_tasks.py
@@ -452,6 +452,7 @@ class TestGenericRun():
 
         for p in [settings.AWX_PROOT_BASE_PATH,
                   '/etc/tower',
+                  '/etc/ssh',
                   '/var/lib/awx',
                   '/var/log',
                   settings.PROJECTS_ROOT,

From 8e4a87d0af769a5f27fbcdbca7e4dde98fc21b2c Mon Sep 17 00:00:00 2001
From: Ryan Petrello <rpetrell@redhat.com>
Date: Tue, 26 Mar 2019 08:04:16 -0400
Subject: [PATCH 2/2] fix tests for add /etc/ssh in bind mounted folder

---
 awx/main/tests/unit/test_tasks.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/awx/main/tests/unit/test_tasks.py b/awx/main/tests/unit/test_tasks.py
index 903b2f29fd..fb9ddb0c94 100644
--- a/awx/main/tests/unit/test_tasks.py
+++ b/awx/main/tests/unit/test_tasks.py
@@ -460,7 +460,7 @@ class TestGenericRun():
                   '/AWX_PROOT_HIDE_PATHS1',
                   '/AWX_PROOT_HIDE_PATHS2']:
             assert p in process_isolation_params['process_isolation_hide_paths']
-        assert 8 == len(process_isolation_params['process_isolation_hide_paths'])
+        assert 9 == len(process_isolation_params['process_isolation_hide_paths'])
         assert '/ANSIBLE_VENV_PATH' in process_isolation_params['process_isolation_ro_paths']
         assert '/AWX_VENV_PATH' in process_isolation_params['process_isolation_ro_paths']
         assert 2 == len(process_isolation_params['process_isolation_ro_paths'])