Ansible Error : Error while linking: [Errno 13] Permission denied

[swapnil bendekar]

Hello Folks,

With Ansible(2.3.0.0)  and  python(2.6.6), executing ansible playbook from webadmin user. 

Using remote_user = ansible (in ansible.cfg )for passwordless authentication.

While creating symlink, getting Error while linking: [Errno 13] Permission denied

Syntax used:

 file:

      src: /path/to/be/linked

      dest: "{{dest_home}}/{{dest_app}}"

      state: link

      follow: True

      force: True

 

Appreciate your help to resolve this issue.

[Mathias Ettinger]

Even with passwordless sudo, you may still want to use become:yes to actually invoke the command using sudo.

[swapnil bendekar]

Thanks Mathias for your response and sorry for late reply.

Issue still persists

    "msg": "Error while linking: [Errno 13] Permission denied",

    "path": "/path/to/be/linked",

    "state": "absent"

[Dick Visser]

what does your entire playbook look like?

> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/41b1ad73-774d-48b2-96d4-a675a6b71c39%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.



--
Dick Visser
Sr. System & Network Engineer
GÉANT

Want to join us? We're hiring: https://www.geant.org/jobs

[swapnil bendekar]

Thanks Dick for your response.

Actually, I have logged in as user1 (user1grp)  but want to deploy using user2 (user2grp). Because passwordless authentication can be enabled for user2 and NOT for user1

Source and destination has permission as user1:user1grp

snippet of playbook look likes:

 

- hosts: app1

  remote_user: user2

  vars:

     dest_home: "/LINK/NAME"   

     dest_app: "libs/app"

lib_app: "app"

     sleep_interval: 15

  tasks:

  - name: Link Release Deployment "{{lib_app}}" Application

    file:

      src:  /path/to/be/linked

 dest: "{{dest_home}}/{{dest_app}}"

      state: link

      follow: True

      force: True

[Dick Visser]

The user2 account (even though it's "passwordless authentication" -
whatever that means) doesn't have the right permissions to be able to
create the links.

mathias....@gmail.com already gave you a hint, try that please.

Dick

> https://groups.google.com/d/msgid/ansible-project/c2197f34-45c8-4745-a1a3-4b7c1296b01e%40googlegroups.com.

[swapnil bendekar]

Hello Dick,

user2 is already added to sudoers to allow execution of needful commands

user2 ALL=(ALL) NOPASSWD: /bin/mkdir

user2 ALL=(ALL) NOPASSWD: /usr/bin/rsync

user2 ALL=(ALL) NOPASSWD: /bin/ln

Tried option suggested by Mathias, but getting same error

[Pshem Kowalczyk]

Ansible modules (generally) don't use cli commands. You have to allow execution of arbitrary commands for ansible to be able to work.

Please see here: http://docs.ansible.com/ansible/become.html#can-t-limit-escalation-to-certain-commands

kind regards

Pshem

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/28f7caee-c104-476a-81f5-0cfdcf8ae246%40googlegroups.com.

[swapnil bendekar]

Thanks Pshem for the information.

Initially we were getting permission denied error for mkdir and kill, but it got resolved after adding it into sudoers which is not the case with "ln"