From dce552f42ca15bace08978579c4518dfb8b463cf Mon Sep 17 00:00:00 2001 From: Fabian Foerg Date: Wed, 18 Jul 2018 22:01:25 -0700 Subject: [PATCH] Run dnsmasq as the dnsmasq user There is a task that checks whether the dnsmasq user exists. However, dnsmasq is configured to run as user "nobody" instead. This change lets dnsmasq run as user "dnsmasq". --- roles/dns_adblocking/tasks/main.yml | 2 +- roles/dns_adblocking/templates/dnsmasq.conf.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/dns_adblocking/tasks/main.yml b/roles/dns_adblocking/tasks/main.yml index ded3f798..8df90e5d 100644 --- a/roles/dns_adblocking/tasks/main.yml +++ b/roles/dns_adblocking/tasks/main.yml @@ -8,7 +8,7 @@ - name: Dnsmasq installed package: name=dnsmasq - - name: Ensure that the dnsmasq user exist + - name: Ensure that the dnsmasq user exists user: name=dnsmasq groups=nogroup append=yes state=present - name: The dnsmasq directory created diff --git a/roles/dns_adblocking/templates/dnsmasq.conf.j2 b/roles/dns_adblocking/templates/dnsmasq.conf.j2 index 501f7568..135aeb18 100644 --- a/roles/dns_adblocking/templates/dnsmasq.conf.j2 +++ b/roles/dns_adblocking/templates/dnsmasq.conf.j2 @@ -103,7 +103,7 @@ server={{ host }} # If you want dnsmasq to change uid and gid to something other # than the default, edit the following lines. -user=nobody +user=dnsmasq group=nogroup # If you want dnsmasq to listen for DHCP and DNS requests only on