I am trying to isolate the problem, I left the python files that are
generated in the .ansible directory.
I ran this:
myhost001~/.ansible/tmp$ /bin/sh -c 'LANG=C LC_CTYPE=C /usr/bin/python
/home/svc_acplus_prod02/.ansible/tmp/ansible-tmp-1441218726.44-141986608018617/file'
and see this output:
{"group": "acplusprod", "uid": 102116, "changed": false, "state":
"directory", "gid": 103244, "mode": "0770", "own er": "svc_acplus_prod02",
"path": "/opt/refdata/PROD02/apps/.tmp", "size": 4096}
This is the file that failed with not enough privilege, I ran it as my
ansible_ssh_user by logging in into ansible_ssh_host. I got the command
line from the logs which showed what was running. I am not sure if there
are some variables that need to be set up to emulate exactly the install.
On Tuesday, September 1, 2015 at 3:40:52 PM UTC-4, Roman H wrote:
>
> I do have permissions there, the error I get:
> OSError: [Errno 13] Permission denied: '/opt/refdata/PROD02'
>
> here is what I see:
>
> host001:svc_test_prod02/opt/refdata$ ls-ltr
> drwxrwx--- 6 svc_test_prod02 testprod 4096 Sep 1 15:07 PROD02
>
>
> On Tuesday, September 1, 2015 at 12:43:20 AM UTC-4, Marcus Franke wrote:
>>
>> What about doing the login as your service account?
>>
>> Most likely your user is missing sudo permissions or your playbook does
>> not use sudo settings.
>>
>> As the error message states, svc-test-prod02 is not allowed to write in
>> the /opt/refdata directory. If I have to guess, I would say its owned by
>> root:root with default 0755 permission. Thus only sudo will work.
>>
>> /mf
>>
>> Roman H <[email protected]> schrieb am Di., 1. Sep. 2015 00:51:
>>
>>> I have permission problem when I try do deploy something using Ansible,
>>> here is the log:
>>>
>>> host001:svc_test_prod02~/ansible$ ansible-playbook -i inventory/prod/
>>> acc.yml -v --vault-password-file=~/.ansible-vault-pw --private-key
>>> ~/.ssh/svc_test_prod02
>>>
>>> PLAY [impact02]
>>> ***************************************************************
>>>
>>> GATHERING FACTS
>>> ***************************************************************
>>> ok: [impact02]
>>>
>>> TASK: [ac_connect | debug environment]
>>> ****************************************
>>> ok: [impact02] => {
>>> "msg": "we are in PROD02 environment, temp dir
>>> /opt/refdata/PROD02/.acconnect_impact_temp"
>>> }
>>>
>>> TASK: [ac_connect | create directories]
>>> ***************************************
>>> failed: [impact02] => {"failed": true, "parsed": false}
>>> /home/svc_test_prod02/.bashrc: line 24:
>>> /opt/refdata/PROD02/test/bin/acenv.sh: No such file or directory
>>> Traceback (most recent call last):
>>> File
>>> "/home/svc_test_prod02/.ansible/tmp/ansible-tmp-1441058033.64-235558047812754/file",
>>>
>>> line 1999, in <module>
>>> main()
>>> File
>>> "/home/svc_test_prod02/.ansible/tmp/ansible-tmp-1441058033.64-235558047812754/file",
>>>
>>> line 279, in main
>>> os.mkdir(curpath)
>>> OSError: [Errno 13] Permission denied: '/opt/refdata/PROD02'
>>>
>>>
>>> FATAL: all hosts have already failed -- aborting
>>>
>>> PLAY RECAP
>>> ********************************************************************
>>> to retry, use: --limit @/home/svc_test_prod02/acc.retry
>>>
>>> impact02 : ok=2 changed=0 unreachable=0
>>> failed=1
>>>
>>>
>>>
>>>
>>>
>>> the runbook tries to create a directory.
>>>
>>> What I did is I added the svc_test_prod02 public key to
>>> authorized_keys2. The user is defined in the inventory like this:
>>>
>>> ansible_ssh_user: svc_test_prod02
>>>
>>> Is there anything else I need to do? To add to this - this problem only
>>> happens when I perform this task as svc_test_prod02 user. If I login as my
>>> personal user I don't have permission issues.
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to [email protected].
>>> To post to this group, send email to [email protected].
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/dc6b0622-39e6-477d-be7c-f2f4f985f4a3%40googlegroups.com
>>>
>>> <https://groups.google.com/d/msgid/ansible-project/dc6b0622-39e6-477d-be7c-f2f4f985f4a3%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/90850cb2-e8d5-42d7-b316-f28b66c2f670%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
