patternMinor
Set umask for an individual salt state
Viewed 0 times
individualumasksaltforstateset
Problem
Is there a way to set the umask for the pip state module or is there a more generic way to set the umask before specific state modules are run? In ansible the pip module takes a umask parameter. I do not see an equivalent option in the salt pip state module. We run salt-call with a umask of 007 but we need to install certain python packages with more open permissions; is there a way to do this?
Solution
Edit update April 3rd 2023:
As of salt 3006 (https://salt.tips/whats-new-in-salt-sulfur/#umask) umask is now a global state argument and can be specified on any state.
Original work around for pre 3006
I ended up working around this by creating a custom state module that wraps any state that I want to set the umask for:
_states/umask.py:
Usage:
As of salt 3006 (https://salt.tips/whats-new-in-salt-sulfur/#umask) umask is now a global state argument and can be specified on any state.
Original work around for pre 3006
I ended up working around this by creating a custom state module that wraps any state that I want to set the umask for:
_states/umask.py:
import os
def wrap(wrapped_state, mask, *args, **kwargs):
old_umask = None
try:
if not __opts__["test"]:
old_umask = os.umask(int(mask, base=8))
return __states__wrapped_state
finally:
if old_umask is not None:
os.umask(old_umask)
Usage:
"install python requests package":
umask.wrap:
- wrapped_state: pip.installed
- mask: '022'
- name: requestsCode Snippets
"install python requests package":
umask.wrap:
- wrapped_state: pip.installed
- mask: '022'
- name: requestsContext
StackExchange DevOps Q#16493, answer score: 2
Revisions (0)
No revisions yet.