escalation problem with 'copy' TASK
135 views
Skip to first unread message
dulh...@mailbox.org
Jul 26, 2023, 10:53:20 AM7/26/23
to ansible...@googlegroups.com
I have a copy TASK
###########################################################################################
- name: copy archive to "{{ postgres_install }}"
ansible.builtin.copy:
src: "../temp/{{ item }}"
dest: "/opt/db/postgres/install/{{ item }}"
become: true
become_user: postgres
mode: 0644
owner: postgres
group: postgres
loop:
- "postgresql-{{ pg_version }}-postgis-{{ gis_version }}-el8-ina1.tar.gz"
###########################################################################################
but am getting a 'Failed to get information on remote file ... permission denied' from my remotes
###########################################################################################
TASK [copy archive to "/opt/db/postgres/install"] *******************************************************************************************
task path: /home/gwagner/repos/automation_postgres/playbooks/pg_copy_archive_to_server.yml:38
<dvzsn-rd5095.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5095.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"' dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5097.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"' dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<dvzsn-rd5095.portal.cn-mv.de> (0, b'/home/gwagner\n', b'')
<dvzsn-rd5095.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5095.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"' dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /home/gwagner/.ansible/tmp `"&& mkdir "` echo /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963 `" && echo ansible-tmp-1690382167.2929223-3916028-198146789170963="` echo /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963 `" ) && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (0, b'/home/gwagner\n', b'')
<dvzsn-rd5097.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5097.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"' dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /home/gwagner/.ansible/tmp `"&& mkdir "` echo /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344 `" && echo ansible-tmp-1690382167.3025672-3916029-195671938319344="` echo /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344 `" ) && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (0, b'ansible-tmp-1690382167.3025672-3916029-195671938319344=/home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344\n', b'')
<dvzsn-rd5095.portal.cn-mv.de> (0, b'ansible-tmp-1690382167.2929223-3916028-198146789170963=/home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963\n', b'')
Using module file /usr/lib/python3.9/site-packages/ansible/modules/stat.py
Pipelining is enabled.
<dvzsn-rd5095.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
Using module file /usr/lib/python3.9/site-packages/ansible/modules/stat.py
Pipelining is enabled.
<dvzsn-rd5095.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"' dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'/usr/libexec/platform-python && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5097.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"' dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'/usr/libexec/platform-python && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (1, b'\n{"failed": true, "msg": "Permission denied", "exception": " File \\"/tmp/ansible_ansible.legacy.stat_payload_qlkcficm/ansible_ansible.legacy.stat_payload.zip/ansible/modules/stat.py\\", line 485, in main\\n", "invocation": {"module_args": {"path": "/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz", "follow": false, "get_checksum": true, "checksum_algorithm": "sha1", "get_md5": false, "get_mime": true, "get_attributes": true}}}\n', b'')
<dvzsn-rd5097.portal.cn-mv.de> Failed to connect to the host via ssh:
<dvzsn-rd5097.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5097.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"' dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'rm -f -r /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344/ > /dev/null 2>&1 && sleep 0'"'"''
<dvzsn-rd5095.portal.cn-mv.de> (1, b'\n{"failed": true, "msg": "Permission denied", "exception": " File \\"/tmp/ansible_ansible.legacy.stat_payload_1r9epyn0/ansible_ansible.legacy.stat_payload.zip/ansible/modules/stat.py\\", line 485, in main\\n", "invocation": {"module_args": {"path": "/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz", "follow": false, "get_checksum": true, "checksum_algorithm": "sha1", "get_md5": false, "get_mime": true, "get_attributes": true}}}\n', b'')
<dvzsn-rd5095.portal.cn-mv.de> Failed to connect to the host via ssh:
<dvzsn-rd5095.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5095.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"' dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'rm -f -r /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963/ > /dev/null 2>&1 && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (0, b'', b'')
fatal: [dvzsn-rd5097.portal.cn-mv.de]: FAILED! => {
"msg": "Failed to get information on remote file (/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz): Permission denied"
}
<dvzsn-rd5095.portal.cn-mv.de> (0, b'', b'')
fatal: [dvzsn-rd5095.portal.cn-mv.de]: FAILED! => {
"msg": "Failed to get information on remote file (/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz): Permission denied"
}
###########################################################################################
the permissions on that folder look good enough for the postgres user to write
> ls -l /opt/db/postgres/ | grep install
drwxr-x---. 2 postgres postgres 89 26. Jul 16:21 install
any idea what my problem may be?
###########################################################################################
- name: copy archive to "{{ postgres_install }}"
ansible.builtin.copy:
src: "../temp/{{ item }}"
dest: "/opt/db/postgres/install/{{ item }}"
become: true
become_user: postgres
mode: 0644
owner: postgres
group: postgres
loop:
- "postgresql-{{ pg_version }}-postgis-{{ gis_version }}-el8-ina1.tar.gz"
###########################################################################################
but am getting a 'Failed to get information on remote file ... permission denied' from my remotes
###########################################################################################
TASK [copy archive to "/opt/db/postgres/install"] *******************************************************************************************
task path: /home/gwagner/repos/automation_postgres/playbooks/pg_copy_archive_to_server.yml:38
<dvzsn-rd5095.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5095.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"' dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5097.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"' dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<dvzsn-rd5095.portal.cn-mv.de> (0, b'/home/gwagner\n', b'')
<dvzsn-rd5095.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5095.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"' dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /home/gwagner/.ansible/tmp `"&& mkdir "` echo /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963 `" && echo ansible-tmp-1690382167.2929223-3916028-198146789170963="` echo /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963 `" ) && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (0, b'/home/gwagner\n', b'')
<dvzsn-rd5097.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5097.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"' dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /home/gwagner/.ansible/tmp `"&& mkdir "` echo /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344 `" && echo ansible-tmp-1690382167.3025672-3916029-195671938319344="` echo /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344 `" ) && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (0, b'ansible-tmp-1690382167.3025672-3916029-195671938319344=/home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344\n', b'')
<dvzsn-rd5095.portal.cn-mv.de> (0, b'ansible-tmp-1690382167.2929223-3916028-198146789170963=/home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963\n', b'')
Using module file /usr/lib/python3.9/site-packages/ansible/modules/stat.py
Pipelining is enabled.
<dvzsn-rd5095.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
Using module file /usr/lib/python3.9/site-packages/ansible/modules/stat.py
Pipelining is enabled.
<dvzsn-rd5095.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"' dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'/usr/libexec/platform-python && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5097.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"' dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'/usr/libexec/platform-python && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (1, b'\n{"failed": true, "msg": "Permission denied", "exception": " File \\"/tmp/ansible_ansible.legacy.stat_payload_qlkcficm/ansible_ansible.legacy.stat_payload.zip/ansible/modules/stat.py\\", line 485, in main\\n", "invocation": {"module_args": {"path": "/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz", "follow": false, "get_checksum": true, "checksum_algorithm": "sha1", "get_md5": false, "get_mime": true, "get_attributes": true}}}\n', b'')
<dvzsn-rd5097.portal.cn-mv.de> Failed to connect to the host via ssh:
<dvzsn-rd5097.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5097.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"' dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'rm -f -r /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344/ > /dev/null 2>&1 && sleep 0'"'"''
<dvzsn-rd5095.portal.cn-mv.de> (1, b'\n{"failed": true, "msg": "Permission denied", "exception": " File \\"/tmp/ansible_ansible.legacy.stat_payload_1r9epyn0/ansible_ansible.legacy.stat_payload.zip/ansible/modules/stat.py\\", line 485, in main\\n", "invocation": {"module_args": {"path": "/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz", "follow": false, "get_checksum": true, "checksum_algorithm": "sha1", "get_md5": false, "get_mime": true, "get_attributes": true}}}\n', b'')
<dvzsn-rd5095.portal.cn-mv.de> Failed to connect to the host via ssh:
<dvzsn-rd5095.portal.cn-mv.de> ESTABLISH SSH CONNECTION FOR USER: None
<dvzsn-rd5095.portal.cn-mv.de> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"' dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'rm -f -r /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963/ > /dev/null 2>&1 && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (0, b'', b'')
fatal: [dvzsn-rd5097.portal.cn-mv.de]: FAILED! => {
"msg": "Failed to get information on remote file (/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz): Permission denied"
}
<dvzsn-rd5095.portal.cn-mv.de> (0, b'', b'')
fatal: [dvzsn-rd5095.portal.cn-mv.de]: FAILED! => {
"msg": "Failed to get information on remote file (/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz): Permission denied"
}
###########################################################################################
the permissions on that folder look good enough for the postgres user to write
> ls -l /opt/db/postgres/ | grep install
drwxr-x---. 2 postgres postgres 89 26. Jul 16:21 install
any idea what my problem may be?
Dick Visser
Jul 26, 2023, 12:04:20 PM7/26/23
to ansible...@googlegroups.com
On Wed, 26 Jul 2023 at 16:53, dulhaver via Ansible Project <ansible...@googlegroups.com> wrote:
ull 2>&1 && sleep 0'"'"''
<dvzsn-rd5097.portal.cn-mv.de> (0, b'', b'')
fatal: [dvzsn-rd5097.portal.cn-mv.de]: FAILED! => {
"msg": "Failed to get information on remote file (/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz): Permission denied"
}
<dvzsn-rd5095.portal.cn-mv.de> (0, b'', b'')
fatal: [dvzsn-rd5095.portal.cn-mv.de]: FAILED! => {
"msg": "Failed to get information on remote file (/opt/db/postgres/install/postgresql-14.8-postgis-3.3.3-el8-ina1.tar.gz): Permission denied"
}
###########################################################################################
the permissions on that folder look good enough for the postgres user to write
> ls -l /opt/db/postgres/ | grep install
drwxr-x---. 2 postgres postgres 89 26. Jul 16:21 install
any idea what my problem may be?
Permissions after all. There is a dot at the end of your permissions, which usually indicates that an SELinux context is present.
I don't know how that exactly works.
In any case is it not an ansible problem but a local permissions problem.
So make sure that is fixed, and then your ansible task will work as well.
dulh...@mailbox.org
Jul 27, 2023, 2:56:31 AM7/27/23
to ansible...@googlegroups.com
thx for that suggestion, however I can do this without any problem
ansible postgres -l @../temp/limit_agrar -m copy -a "src=../temp/postgresql-12.15-postgis-3.2.5-el8-ina1.tar.gz dest=/opt/db/postgres/install/ mode=0644 owner=postgres group=postgres" -b --become-user=postgres
and I'd say that has the same privilege situation as my playbook
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAF8BbLbbz02yK4J0LmkU9igX49LN2%2B%3D2EnsCm07f4qHj4W-RoQ%40mail.gmail.com.
Will McDonald
Jul 27, 2023, 3:23:19 AM7/27/23
to ansible...@googlegroups.com
become and become_user: postgresis are at the wrong indentation level in the task?
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1824824653.253423.1690383180175%40office.mailbox.org.
Reply all
Reply to author
Forward
0 new messages