It works :) I am using 1.8.1.
kl. 17:54:30 UTC+1 onsdag 5. november 2014 skrev tkuratomi følgende: > > From earlier on the thread 1.7.1 > > And yes, there have been some fixes to the devel branch related to owner > and group since 1.7.1 that might be the cause of this. In addition to the > two you've linked to, Stein, I believe there's a third where specifying the > file name rather than the directory as the destination was a work around. > > If you can checkout the development branch from git to test, that would > confirm whether we've already fixed this for the next version or not. Some > of those fixes may also have been pulled into the 1.7.2 release - the > timing is right but I don't recall whether they were added to that release > or are waiting on 1.8. > > -Toshio > On Nov 5, 2014 6:31 AM, "Michael DeHaan" <[email protected] <javascript:>> > wrote: > >> Can you please share what version of Ansible you are using? >> >> (ansible --version) >> >> Thanks! >> >> >> >> On Wed, Nov 5, 2014 at 7:32 AM, Stein Inge Morisbak <[email protected] >> <javascript:>> wrote: >> >>> Hi! >>> >>> It took some time before i could look into this. Anyway, I think it has >>> to do with this issue: https://github.com/ansible/ansible/issues/7372 >>> >>> The template-module always does `chown`, and that will not work when >>> running as a non-root user when the files are owned by root even if the >>> group has write permission. >>> >>> - Stein Inge >>> >>> kl. 14:35:36 UTC+2 onsdag 10. september 2014 skrev Michael DeHaan >>> følgende: >>>> >>>> Yeah, please let us know. >>>> >>>> One point of clarification - I think you may possibly be confusing >>>> SELinux and ACLs, which are different things. >>>> >>>> ACLs do not come from SELinux, they are managed by setfacl/etc. >>>> >>>> (There's also a handy acl module in Ansible!) >>>> >>>> >>>> >>>> >>>> On Wed, Sep 10, 2014 at 7:32 AM, Stein Inge Morisbak <[email protected]> >>>> wrote: >>>> >>>>> Sorry about the tarball. It won't happen again. >>>>> >>>>> After some further investigation it seems that it might have something >>>>> to do with SELinux ACL after all. The httpd directory in /etc/httpd/conf >>>>> has a dot after its access list (drwxr-xr-x.). I don't know if this is >>>>> the >>>>> problem yet, but I will do some further investigations. Thanks for >>>>> mentioning SELinux. >>>>> >>>>> I will keep you posted. >>>>> >>>>> 2014-09-10 12:26 GMT+02:00 Abubakr-Sadik Nii Nai Davis < >>>>> [email protected]>: >>>>> >>>>>> Well noted. >>>>>> >>>>>> On Tuesday, September 9, 2014 7:13:49 PM UTC, Michael DeHaan wrote: >>>>>>> >>>>>>> As a general rule, I don't crack open tarballs attached to the list >>>>>>> - and I would request that since there are thousands of users on this >>>>>>> list >>>>>>> we don't start using it for attachments. >>>>>>> >>>>>>> (I'm not sure I can turn it off). >>>>>>> >>>>>>> A gist or github repo would be welcome, or even pastebin for smaller >>>>>>> things. >>>>>>> >>>>>>> In many cases, it can just be shown inline. >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> I have attached the whole shebang to reproduce it. >>>>>>>> >>>>>>>> Requirements is: >>>>>>>> - the same username on the server set up with an authorized key and >>>>>>>> belonging to a group. >>>>>>>> - A file: /etc/httpd/conf/httpd.conf owned by a different user, >>>>>>>> but writable for the group the first user belongs to. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> 2014-09-09 17:45 GMT+02:00 Michael DeHaan <[email protected]>: >>>>>>>> >>>>>>>>> Can you show more of the playbook in context? >>>>>>>>> >>>>>>>>> I'm missing task names and such and wanted to be clear about >>>>>>>>> something. >>>>>>>>> >>>>>>>>> I may have some other questions after that. >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Yup. It is non-sudo and non-root. >>>>>>>>>> >>>>>>>>>> $ ansible --version >>>>>>>>>> ansible 1.7.1 >>>>>>>>>> >>>>>>>>>> stanza: >>>>>>>>>> --- >>>>>>>>>> - hosts: myservers >>>>>>>>>> roles: >>>>>>>>>> - httpd >>>>>>>>>> remote_user: "{{ lookup('env','USER') }}" >>>>>>>>>> gather_facts: False >>>>>>>>>> sudo: False >>>>>>>>>> >>>>>>>>>> $ ansible-playbook -i test myservers.yml >>>>>>>>>> fatal: [my-box] => failed to parse: {"msg": "Could not replace >>>>>>>>>> file: /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62- >>>>>>>>>> 18948176608778/source to /etc/httpd/conf/httpd.conf: [Errno 1] >>>>>>>>>> Operation not permitted: >>>>>>>>>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", >>>>>>>>>> "failed": true} >>>>>>>>>> Exception OSError: (2, 'No such file or directory', >>>>>>>>>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in <bound method >>>>>>>>>> _TemporaryFileWrapper.__del__ of <closed file '<fdopen>', mode 'w+b' >>>>>>>>>> at >>>>>>>>>> 0x1e946f0>> ignored >>>>>>>>>> >>>>>>>>>> Since I am in the group developers and have write access to the >>>>>>>>>> file and directory I would expect that I can overwrite the file. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan >>>>>>>>>> følgende: >>>>>>>>>>> >>>>>>>>>>> Can you please share the ansible --version as well as the >>>>>>>>>>> command line invocation you are using and the stanza of your >>>>>>>>>>> playbook? >>>>>>>>>>> >>>>>>>>>>> Sounds like you are doing something non-sudo most likely, or non >>>>>>>>>>> root, that doesn't have enough permissions. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> I am trying to run the following task: >>>>>>>>>>>> >>>>>>>>>>>> - name: copy httpd.conf to /etc/httpd/conf folder >>>>>>>>>>>> copy: src=httpd.conf dest="/etc/httpd/conf" >>>>>>>>>>>> >>>>>>>>>>>> Ownership on the server is: >>>>>>>>>>>> >>>>>>>>>>>> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 . >>>>>>>>>>>> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 .. >>>>>>>>>>>> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf >>>>>>>>>>>> >>>>>>>>>>>> I am a member of the developers group. The directory and file >>>>>>>>>>>> has write permission for the developers group. However the task >>>>>>>>>>>> fails with >>>>>>>>>>>> this error message: >>>>>>>>>>>> >>>>>>>>>>>> fatal: [my-box] => failed to parse: {"msg": "Could not replace >>>>>>>>>>>> file: /home/steinim/.ansible/tmp/ansible-tmp-1410176741.01- >>>>>>>>>>>> 248154513611723/source to /etc/httpd/conf/httpd.conf: [Errno >>>>>>>>>>>> 1] Operation not permitted: >>>>>>>>>>>> '/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", >>>>>>>>>>>> "failed": true} >>>>>>>>>>>> >>>>>>>>>>>> Am I missing something, or should this work? >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>>>> Google Groups "Ansible Project" group. >>>>>>>>>>>> To unsubscribe from this group and stop receiving emails from >>>>>>>>>>>> it, send an email to [email protected]. >>>>>>>>>>>> To post to this group, send email to ansible...@googlegroups. >>>>>>>>>>>> com. >>>>>>>>>>>> To view this discussion on the web visit >>>>>>>>>>>> https://groups.google.com/d/msgid/ansible-project/90f29162-3 >>>>>>>>>>>> cd1-4783-a3ca-ada6c1fd5604%40googlegroups.com >>>>>>>>>>>> <https://groups.google.com/d/msgid/ansible-project/90f29162-3cd1-4783-a3ca-ada6c1fd5604%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>>>>>>> . >>>>>>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>> You received this message because you are subscribed to the >>>>>>>>>> Google Groups "Ansible Project" group. >>>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>>> send an email to [email protected]. >>>>>>>>>> To post to this group, send email to [email protected]. >>>>>>>>>> To view this discussion on the web visit >>>>>>>>>> https://groups.google.com/d/msgid/ansible-project/7d4c1995- >>>>>>>>>> 1eb9-4baa-9940-a5b98fc960da%40googlegroups.com >>>>>>>>>> <https://groups.google.com/d/msgid/ansible-project/7d4c1995-1eb9-4baa-9940-a5b98fc960da%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>>>>> . >>>>>>>>>> >>>>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> You received this message because you are subscribed to a topic in >>>>>>>>> the Google Groups "Ansible Project" group. >>>>>>>>> To unsubscribe from this topic, visit https://groups.google.com/d/ >>>>>>>>> topic/ansible-project/e7OIdscZXMo/unsubscribe. >>>>>>>>> To unsubscribe from this group and all its topics, send an email >>>>>>>>> to [email protected]. >>>>>>>>> To post to this group, send email to [email protected]. >>>>>>>>> To view this discussion on the web visit >>>>>>>>> https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgw >>>>>>>>> krstcxsQ9OTr_OnKFor02OiUsEOJJrdHdZR%3DsM4tf4g%40mail.gmail.com >>>>>>>>> <https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwkrstcxsQ9OTr_OnKFor02OiUsEOJJrdHdZR%3DsM4tf4g%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>>>> . >>>>>>>>> >>>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> - Stein Inge >>>>>>>> >>>>>>>> -- >>>>>>>> You received this message because you are subscribed to the Google >>>>>>>> Groups "Ansible Project" group. >>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>> send an email to [email protected]. >>>>>>>> To post to this group, send email to [email protected]. >>>>>>>> To view this discussion on the web visit >>>>>>>> https://groups.google.com/d/msgid/ansible-project/CAJJkzbazsnJ- >>>>>>>> xt4rXvwW0h2pUMnyoQzaHputu4_hYFK_yMcWYQ%40mail.gmail.com >>>>>>>> <https://groups.google.com/d/msgid/ansible-project/CAJJkzbazsnJ-xt4rXvwW0h2pUMnyoQzaHputu4_hYFK_yMcWYQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>>>> . >>>>>>>> >>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>> >>>>>>> >>>>>>> -- >>>>>> You received this message because you are subscribed to a topic in >>>>>> the Google Groups "Ansible Project" group. >>>>>> To unsubscribe from this topic, visit https://groups.google.com/d/ >>>>>> topic/ansible-project/e7OIdscZXMo/unsubscribe. >>>>>> To unsubscribe from this group and all its topics, send an email to >>>>>> [email protected]. >>>>>> To post to this group, send email to [email protected]. >>>>>> To view this discussion on the web visit https://groups.google.com/d/ >>>>>> msgid/ansible-project/7a2ebd43-1678-4e9e-9884- >>>>>> 489862c30c10%40googlegroups.com >>>>>> <https://groups.google.com/d/msgid/ansible-project/7a2ebd43-1678-4e9e-9884-489862c30c10%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> - Stein Inge >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Ansible Project" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> To post to this group, send email to [email protected]. >>>>> To view this discussion on the web visit https://groups.google.com/d/ >>>>> msgid/ansible-project/CAJJkzbbJdSt7s%2BDcqqwaqZzJjRzzSxXVo%2BLWc% >>>>> 2BfvdEW%3Di%2BpG4w%40mail.gmail.com >>>>> <https://groups.google.com/d/msgid/ansible-project/CAJJkzbbJdSt7s%2BDcqqwaqZzJjRzzSxXVo%2BLWc%2BfvdEW%3Di%2BpG4w%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected] <javascript:>. >>> To post to this group, send email to [email protected] >>> <javascript:>. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/c5dbd929-d508-4c01-9791-04a3ff4ba77b%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/ansible-project/c5dbd929-d508-4c01-9791-04a3ff4ba77b%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To post to this group, send email to [email protected] >> <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwfwv7BK1FU0XR%2BP5%3DneJpHV2Hf47L_y2u_JC4U5Mub8w%40mail.gmail.com >> >> <https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwfwv7BK1FU0XR%2BP5%3DneJpHV2Hf47L_y2u_JC4U5Mub8w%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4f3b552f-02c7-4c0a-b8a4-a0e63c8c25db%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
