linuxea:ansible使用synchronize普通用户权限问题

marksugar
2018-06-13 / 0 评论 / 6,606 阅读 / 正在检测是否收录...
温馨提示:
本文最后更新于2018年06月13日,已超过1203天没有更新,若内容或图片失效,请留言反馈。

1,首先已经做好了密钥认证

[gitlab-runner@Linuxea-VM-Node_10_10_240_145 root]$ ssh root@10.10.240.203
[root@Linuxea-VM-Node203 ~]#
[root@Linuxea-VM-Node203 ~]# exit
登出
Connection to 10.10.240.203 closed.

切换到普通用户推送出现问题

[gitlab-runner@Linuxea-VM-Node_10_10_240_145 root]$ ansible 10.10.240.203 -m synchronize -a 'src=/home/gitlab-runner/123.txt dest=/data/wwwroot/'
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OSError: [Errno 13] Permission denied: '.'
10.10.240.203 | FAILED! => {
    "msg": "Unexpected failure during module execution.", 
    "stdout": ""
}

查看详情

[gitlab-runner@Linuxea-VM-Node_10_10_240_145 root]$ ansible 10.10.240.203 -m synchronize -a 'src=/home/gitlab-runner/123.txt dest=/data/wwwroot/' -vvv
ansible 2.5.3
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/gitlab-runner/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Using /etc/ansible/ansible.cfg as config file
Parsed /etc/ansible/hosts inventory source with ini plugin
META: ran handlers
Using module file /usr/lib/python2.7/site-packages/ansible/modules/files/synchronize.py
The full traceback is:
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 138, in run
    res = self._execute()
  File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 561, in _execute
    result = self._handler.run(task_vars=variables)
  File "/usr/lib/python2.7/site-packages/ansible/plugins/action/synchronize.py", line 414, in run
    result.update(self._execute_module('synchronize', module_args=_tmp_args, task_vars=task_vars))
  File "/usr/lib/python2.7/site-packages/ansible/plugins/action/__init__.py", line 720, in _execute_module
    self._make_tmp_path()
  File "/usr/lib/python2.7/site-packages/ansible/plugins/action/__init__.py", line 255, in _make_tmp_path
    tmpdir = self._remote_expand_user(remote_tmp, sudoable=False)
  File "/usr/lib/python2.7/site-packages/ansible/plugins/action/__init__.py", line 590, in _remote_expand_user
    data = self._low_level_execute_command(cmd, sudoable=False)
  File "/usr/lib/python2.7/site-packages/ansible/plugins/action/__init__.py", line 915, in _low_level_execute_command
    os.chdir(self._loader.get_basedir())
OSError: [Errno 13] Permission denied: '.'

10.10.240.203 | FAILED! => {
    "msg": "Unexpected failure during module execution.", 
    "stdout": ""
}

删掉之前的目录,重新推送创建

[gitlab-runner@Linuxea-VM-Node_10_10_240_145 ~]$ ansible linuxea -m synchronize -a 'src=/home/gitlab-runner/123.txt dest=/data/wwwroot/' -vvv
ansible 2.5.3
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/gitlab-runner/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Using /etc/ansible/ansible.cfg as config file
Parsed /etc/ansible/hosts inventory source with ini plugin
META: ran handlers
Using module file /usr/lib/python2.7/site-packages/ansible/modules/files/synchronize.py
Using module file /usr/lib/python2.7/site-packages/ansible/modules/files/synchronize.py
<10.10.240.202> ESTABLISH LOCAL CONNECTION FOR USER: gitlab-runner
<10.10.240.202> EXEC /bin/sh -c 'echo ~root && sleep 0'
<10.10.240.203> ESTABLISH LOCAL CONNECTION FOR USER: gitlab-runner
<10.10.240.203> EXEC /bin/sh -c 'echo ~root && sleep 0'
<10.10.240.203> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-161212317664020 `" && echo ansible-tmp-1528855639.99-161212317664020="` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-161212317664020 `" ) && sleep 0'
<10.10.240.202> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-180372546287702 `" && echo ansible-tmp-1528855639.99-180372546287702="` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-180372546287702 `" ) && sleep 0'
10.10.240.203 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-161212317664020 `\" && echo ansible-tmp-1528855639.99-161212317664020=\"` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-161212317664020 `\" ), exited with result 1", 
    "unreachable": true
}
10.10.240.202 | UNREACHABLE! => {
    "changed": false, 
    "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-180372546287702 `\" && echo ansible-tmp-1528855639.99-180372546287702=\"` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-180372546287702 `\" ), exited with result 1", 
    "unreachable": true
}

可以看到这里报错

    "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-180372546287702 `\" && echo ansible-tmp-1528855639.99-180372546287702=\"` echo /root/.ansible/tmp/ansible-tmp-1528855639.99-180372546287702 `\" ), exited with result 1", 

将配置文件中remote_tmp = ~/.ansible/tmp 修改 remote_tmp = /tmp/.ansible/tmp,这里主要是权限问题
切换root用户修改后在来推送验证一下
201806013.png
已经ok

0

评论 (0)

取消