From 7eb496e93fd53bacc8af2eb854c459fc565d0ecc Mon Sep 17 00:00:00 2001
From: slugger70 <slugger70@gmail.com>
Date: Tue, 7 Jun 2022 10:31:19 +1000
Subject: [PATCH 1/2] Altered group for privsep dirs to allow galaxy_user to
 read

---
 tasks/paths.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/paths.yml b/tasks/paths.yml
index a1e49d7..66dbe2b 100644
--- a/tasks/paths.yml
+++ b/tasks/paths.yml
@@ -18,7 +18,7 @@
         path: "{{ item }}"
         state: directory
         owner: "{{ __galaxy_privsep_user_name }}"
-        group: "{{ __galaxy_privsep_user_group }}"
+        group: "{{ __galaxy_user_group }}" #This is set so that the galaxy_user can read the files in the priv_sep dirs. (As priv_sep dirs have defauly perms of 0640.)
         mode: "{{ __galaxy_dir_perms }}"
       with_items: "{{ galaxy_privsep_dirs }}"
       when: item | default(False)

From 939532e5d925c720a8eae70b07ca58982feb2479 Mon Sep 17 00:00:00 2001
From: slugger70 <slugger70@gmail.com>
Date: Tue, 7 Jun 2022 15:55:38 +1000
Subject: [PATCH 2/2] Changed group of static files so galaxy user can read
 them

---
 tasks/static_setup.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tasks/static_setup.yml b/tasks/static_setup.yml
index b67d091..2d63ebf 100644
--- a/tasks/static_setup.yml
+++ b/tasks/static_setup.yml
@@ -14,6 +14,7 @@
         dest: "{{ item.dest }}"
         backup: "{{ galaxy_backup_configfiles }}"
         mode: "{{ galaxy_config_perms }}"
+        group: "{{ __galaxy_user_group }}"
       with_items: "{{ galaxy_config_files }}"
       notify:
         - restart galaxy
@@ -24,6 +25,7 @@
         dest: "{{ item.dest }}"
         backup: "{{ galaxy_backup_configfiles }}"
         mode: "{{ galaxy_config_perms }}"
+        group: "{{ __galaxy_user_group }}"
       with_items: "{{ galaxy_config_templates }}"
       notify:
         - restart galaxy
@@ -41,6 +43,7 @@
         src: local_tool_conf.xml.j2
         dest: "{{ galaxy_config_dir }}/local_tool_conf.xml"
         mode: "{{ galaxy_config_perms }}"
+        group: "{{ __galaxy_user_group }}"
       when: galaxy_local_tools is defined
 
     - name: Append local_tool_conf.xml to tool_config_file Galaxy config option
@@ -126,6 +129,7 @@
         dest: "{{ galaxy_config_file }}"
         backup: "{{ galaxy_backup_configfiles }}"
         mode: "{{ galaxy_config_perms }}"
+        group: "{{ __galaxy_user_group }}"
       notify:
         - galaxyctl update
         - restart galaxy