From 3ddd0ac30f211fcf0ba33b60e58cd158a4fe07dc Mon Sep 17 00:00:00 2001 From: Fabian Foerg Date: Mon, 30 Jul 2018 06:01:49 -0700 Subject: [PATCH] Run dnsmasq as the dnsmasq user (#1029) * Run dnsmasq as the dnsmasq user There is a task that checks whether the dnsmasq user exists. However, dnsmasq is configured to run as user "nobody" instead. This change lets dnsmasq run as user "dnsmasq". * remove dnsmasq user task --- roles/dns_adblocking/tasks/main.yml | 3 --- roles/dns_adblocking/templates/dnsmasq.conf.j2 | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/roles/dns_adblocking/tasks/main.yml b/roles/dns_adblocking/tasks/main.yml index ded3f79..a68abee 100644 --- a/roles/dns_adblocking/tasks/main.yml +++ b/roles/dns_adblocking/tasks/main.yml @@ -8,9 +8,6 @@ - name: Dnsmasq installed package: name=dnsmasq - - name: Ensure that the dnsmasq user exist - user: name=dnsmasq groups=nogroup append=yes state=present - - name: The dnsmasq directory created file: dest=/var/lib/dnsmasq state=directory mode=0755 owner=dnsmasq group=nogroup diff --git a/roles/dns_adblocking/templates/dnsmasq.conf.j2 b/roles/dns_adblocking/templates/dnsmasq.conf.j2 index 501f756..135aeb1 100644 --- a/roles/dns_adblocking/templates/dnsmasq.conf.j2 +++ b/roles/dns_adblocking/templates/dnsmasq.conf.j2 @@ -103,7 +103,7 @@ server={{ host }} # If you want dnsmasq to change uid and gid to something other # than the default, edit the following lines. -user=nobody +user=dnsmasq group=nogroup # If you want dnsmasq to listen for DHCP and DNS requests only on