Ansible chmod: Change File Permissions with file Module (Guide) — Video Tutorial

How to change file or directory permission with Ansible? I'm going to show you a live Playbook and some simple Ansible code. I'm Luca Berton and welcome to today's episode of Ansible Pilot. Ansible change file/directory permission Today we're talking about the Ansible module `file`. The full name is `ansible.builtin.file`, which means that is part of the collection of modules "builtin" with ansible and shipped with it. It's a module pretty stable and out for years. It works in a different variety of operating systems. It manages files and file properties. For Windows targets, use the `ansible.windows.win_file` module instead. Main Parameters - path _string_ (dest, name) - file path - owner _string_ - user - group _string_ - group - mode _raw_ - Ex: '0644' or 'u=rw,g=r,o=r' - state _string_ - file/absent/directory/hard/link/touch - setype/seuser/selevel - SELinux This module has some parameters to perform any tasks. The only required is "path", where you specify the filesystem path of the file you're going to edit. The parameter "owner" sets the user that should own the file/directory. The parameter "group" sets the group that should own the file/directory. The parameter "mode" sets the permissions in the UNIX way of the file/directory. The state defines the type of object we are modifying, the default is "file" but we could handle also directories, hardlink, symlink, or only update the access time with the "touch" option. Let me also highlight that we could also specify the SELinux properties. ## Playbook Let's jump in a real-life playbook to change file permission with Ansible. code - file.yml ```yaml --- - name: file module demo hosts: all vars: myfile: "/home/devops/test.txt" become: false tasks: - name: check permission ansible.builtin.file: path: "{{ myfile }}" owner: "devops" group: "users" mode: '0777' ``` [code with ❤️ in GitHub](https://github.com/lucab85/ansible-pilot/tree/master/change%20permission) Conclusion Now you know how to change file or directory permission with Ansible. Permission Format Options Ansible accepts permissions in two formats: Octal notation (recommended) ```yaml - name: Set file to 644 ansible.builtin.file: path: /etc/myapp/config.yml mode: '0644' # Always quote and include leading 0 become: true ``` Symbolic notation ```yaml - name: Set file permissions symbolically ansible.builtin.file: path: /etc/myapp/config.yml mode: 'u=rw,g=r,o=r' # Same as 0644 become: true ``` Common Permission Patterns | Octal | Symbolic | Meaning | Use Case | |-------|----------|---------|----------| | `0644` | `u=rw,g=r,o=r` | Owner read/write, others read | Config files | | `0755` | `u=rwx,g=rx,o=rx` | Owner full, others read/execute | Scripts, directories | | `0600` | `u=rw,g=,o=` | Owner only | Secrets, SSH keys | | `0700` | `u=rwx,g=,o=` | Owner only (executable) | Private scripts | | `0444` | `u=r,g=r,o=r` | Read-only for everyon