Fix risky-file-permissions (#8370)

When running ansible-lint directly, we can see a lot of warning message like risky-file-permissions File permissions unset or incorrect This fixes the warning messages.
2026-02-18 11:40:10 -03:30 · 2022-01-09 01:51:12 -08:00
parent 51bd9bee0d
commit f80fd24a55
48 changed files with 76 additions and 1 deletions
--- a/roles/network_plugin/macvlan/tasks/main.yml
+++ b/roles/network_plugin/macvlan/tasks/main.yml
@@ -23,6 +23,7 @@
  template:
    src: debian-network-macvlan.cfg.j2
    dest: /etc/network/interfaces.d/60-mac0.cfg
+    mode: 0644
  notify: Macvlan | restart network
  when: ansible_os_family in ["Debian"]

@@ -50,6 +51,7 @@
  template:
    src: "{{ item.src }}.j2"
    dest: "/etc/sysconfig/network-scripts/{{ item.dst }}"
+    mode: 0644
  with_items:
    - {src: centos-network-macvlan.cfg, dst: ifcfg-mac0 }
    - {src: centos-routes-macvlan.cfg, dst: route-mac0 }
@@ -61,6 +63,7 @@
  template:
    src: coreos-service-nat_ouside.j2
    dest: /etc/systemd/system/enable_nat_ouside.service
+    mode: 0644
  when: ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"] and enable_nat_default_gateway

 - name: Macvlan | Enable service nat via gateway on Flatcar Container Linux
@@ -74,6 +77,7 @@
  template:
    src: "{{ item.src }}.j2"
    dest: "/etc/systemd/network/{{ item.dst }}"
+    mode: 0644
  with_items:
    - {src: coreos-device-macvlan.cfg, dst: macvlan.netdev }
    - {src: coreos-interface-macvlan.cfg, dst: output.network }
@@ -85,11 +89,13 @@
  template:
    src: 10-macvlan.conf.j2
    dest: /etc/cni/net.d/10-macvlan.conf
+    mode: 0644

 - name: Macvlan | Install loopback definition for Macvlan
  template:
    src: 99-loopback.conf.j2
    dest: /etc/cni/net.d/99-loopback.conf
+    mode: 0644

 - name: Enable net.ipv4.conf.all.arp_notify in sysctl
  sysctl: