I've updated to 1.6.6 now because that's what available in the yum EPEL
repos. When 1.6.7 or higher is available, I can upgrade that package.
Most things on our systems coming through our channel to RedHat Network or
a user managed channel.
This is really weird now there is no problem now. Maybe there was
something cached in /tmp from previous playbook runs when I did not specify
seuser=system_u
serole=object_r setype=nfs_t in the tasks or simply because I have now
updated ansible to version 1.6.6.
I believe the previous problem is that the module is trying to set the
SELinux context to be default_t. If I run the command on the server:
[root@stg-intmon-app-02 lib]# *chcon -t default_t
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks*
chcon: failed to change context of
`/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks' to
`system_u:object_r:*default_t*:s0': *Operation not supported*
[root@stg-intmon-app-02 lib]# ls -lZ
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
-rw-r--r--. applmgr oinstall system_u:object_r:*nfs_t*:s0
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
TASK: [Install JKS for SSL]
***************************************************
<stg-intmon-app-02> ESTABLISH CONNECTION FOR USER: systems on PORT 22 TO
stg-intmon-app-02
<stg-intmon-app-02> EXEC /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via
ansible, key=lswacpkpjvajuonoykzhsynbeketkhzp] password: " -u applmgr
/bin/sh -c '"'"'echo SUDO-SUCCESS-lswacpkpjvajuonoykzhsynbeketkhzp; rc=0; [
-r "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] ||
rc=2; [ -f
"/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] ||
rc=1; [ -d
"/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] &&
echo 3 && exit 0; (/usr/bin/md5sum
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
2>/dev/null) || (/sbin/md5sum -q
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
2>/dev/null) || (/usr/bin/digest -a md5
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
2>/dev/null) || (/sbin/md5 -q
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
2>/dev/null) || (/usr/bin/md5 -n
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
2>/dev/null) || (/bin/md5 -q
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
2>/dev/null) || (/usr/bin/csum -h MD5
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
2>/dev/null) || (/bin/csum -h MD5
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
2>/dev/null) || (echo "${rc}
/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks")'"'"''
<stg-intmon-app-02> EXEC /bin/sh -c 'mkdir -p
/tmp/ansible-tmp-1406062803.27-36447185215066 && chmod a+rx
/tmp/ansible-tmp-1406062803.27-36447185215066 && echo
/tmp/ansible-tmp-1406062803.27-36447185215066'
<stg-intmon-app-02> PUT
/opt/playbook/intmon/roles/weblogic/tasks/files/CAtrust.jks TO
/tmp/ansible-tmp-1406062803.27-36447185215066/source
<stg-intmon-app-02> EXEC /bin/sh -c 'chmod a+r
/tmp/ansible-tmp-1406062803.27-36447185215066/source'
<stg-intmon-app-02> PUT /tmp/tmpQ6uefX TO
/tmp/ansible-tmp-1406062803.27-36447185215066/copy
<stg-intmon-app-02> EXEC /bin/sh -c 'chmod a+r
/tmp/ansible-tmp-1406062803.27-36447185215066/copy'
<stg-intmon-app-02> EXEC /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via
ansible, key=pdborrdasyvrjoyqdfyshjewqfqpnsqr] password: " -u applmgr
/bin/sh -c '"'"'echo SUDO-SUCCESS-pdborrdasyvrjoyqdfyshjewqfqpnsqr;
LC_CTYPE=C LANG=C /usr/bin/python
/tmp/ansible-tmp-1406062803.27-36447185215066/copy'"'"''
<stg-intmon-app-02> EXEC /bin/sh -c 'rm -rf
/tmp/ansible-tmp-1406062803.27-36447185215066/ >/dev/null 2>&1'
changed: [stg-intmon-app-02] => (item={'source': 'files/CAtrust.jks',
'destination':
'/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks'}) =>
{"changed": true, "dest":
"/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks", "gid":
501, "group": "oinstall", "item": {"destination":
"/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks",
"source": "files/CAtrust.jks"}, "md5sum":
"6927b8279d5265ff0c97a9efee474ee6", "mode": "0644", "owner": "applmgr",
"secontext": "system_u:object_r:nfs_t:s0", "size": 15070, "src":
"/tmp/ansible-tmp-1406062803.27-36447185215066/source", "state": "file",
"uid": 503}
The Ansible task is:
- name: Install JKS for SSL
copy: src={{ item.source }} dest={{ item.destination }} owner=applmgr
group=oinstall mode=0644 backup=yes seuser=system_u serole=object_r
setype=nfs_t
with_items:
- { source: 'files/CAtrust.jks', destination:
'/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks' }
sudo_user: applmgr
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/f24c54cf-2461-4f8b-9e58-b30189c2144a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
