From b5ce69cf3cb7dca63f65520752a54c0dad588842 Mon Sep 17 00:00:00 2001
From: Nico <588438+rybnico@users.noreply.github.com>
Date: Tue, 8 Aug 2023 14:06:15 +0200
Subject: [PATCH] Set owner/group to root/root when unarchiving kata-containers
 (#10338)

Set owner/group to root/root when unarchiving kata-containers binary to prevent kata-containers binaries/directories and especially / from getting chowned to 1001:123, the file owner specified in the kata-containers archive
---
 roles/container-engine/kata-containers/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/container-engine/kata-containers/tasks/main.yml b/roles/container-engine/kata-containers/tasks/main.yml
index e61d89f60..e795b1f8d 100644
--- a/roles/container-engine/kata-containers/tasks/main.yml
+++ b/roles/container-engine/kata-containers/tasks/main.yml
@@ -9,6 +9,8 @@
     src: "{{ downloads.kata_containers.dest }}"
     dest: "/"
     mode: 0755
+    owner: root
+    group: root
     remote_src: yes
 
 - name: Kata-containers | Create config directory