From dc4beb8903c0bbfeb76666351c87e615e175f172 Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <praiskup@redhat.com>
Date: Thu, 16 Oct 2025 20:19:53 +0200
Subject: [PATCH] copr-be: cleanup after today's debugging

---
 roles/copr/backend/tasks/resalloc.yml               |  6 +-----
 .../tasks/setup_provisioning_environment.yml        | 13 -------------
 2 files changed, 1 insertion(+), 18 deletions(-)

diff --git a/roles/copr/backend/tasks/resalloc.yml b/roles/copr/backend/tasks/resalloc.yml
index 42a5f6bb50..8cb8d63f0f 100644
--- a/roles/copr/backend/tasks/resalloc.yml
+++ b/roles/copr/backend/tasks/resalloc.yml
@@ -128,11 +128,7 @@
     path: "/var/lib/resallocserver/resalloc_provision/"
     owner: resalloc
     group: resalloc
-    # The mode 'u=rwX,g=,o=' achieves the required complex permissions:
-    # - u=rw: Base 600 permissions for owner.
-    # - X: Adds executable bit only if path is a directory (700) or was already executable (700).
-    # - g=,o=: Explicitly removes permissions from group and others (resulting in D700/F600).
-    mode: 'g=,o='
+    mode: 'g-rwx,o-rwx'
     state: directory
     recurse: yes
   tags:
diff --git a/roles/copr/backend/tasks/setup_provisioning_environment.yml b/roles/copr/backend/tasks/setup_provisioning_environment.yml
index b56fc5de1c..9c93f68474 100644
--- a/roles/copr/backend/tasks/setup_provisioning_environment.yml
+++ b/roles/copr/backend/tasks/setup_provisioning_environment.yml
@@ -18,8 +18,6 @@
       - "--no-perms"
   tags:
   - provision_config
-  - provision_config_sync
-  - provision_config_sync_1
 
 - name: "Sync copr provisioning files [remove mock config leftovers]"
   ansible.posix.synchronize:
@@ -31,28 +29,17 @@
       - "--no-perms"
   tags:
   - provision_config
-  - provision_config_sync
-  - provision_config_sync_2
 
 - name: "fix perms for copr provisioning files ({{ provision_directory }})"
   ansible.builtin.file:
     path: "{{ provision_directory }}/"
     owner: "{{ provision_user }}"
     group: "{{ provision_user }}"
-    # The mode 'u=rwX,g=,o=' achieves the required complex permissions:
-    # - u=rw: Base 600 permissions for owner.
-    # - X: Adds executable bit only if path is a directory (700) or was already executable (700).
-    # - g=,o=: Explicitly removes permissions from group and others (resulting in D700/F600).
     mode: 'g-rwx,o-rwx'
     state: directory
     recurse: yes
-    follow: false
   tags:
     - provision_config
-    - provision_config_sync
-    - provision_config_sync_1
-    - provision_config_sync_2
-    - provision_config_sync_just_fix_perms
 
 - name: Resalloc, generate vars.yml file
   ansible.builtin.template: