Copy module issues with SELinux on NFS


Melissa Tan

Jul 22, 2014, 2:35:36 AM
to ansible...@googlegroups.com
Has anyone been able to resolve an SELinux issue when using the copy module when writing to an NFS mount? 

I tried specifying the SE options to force it, but that doesn't appear to work. My /tmp is local disk, where Ansible first uploads the file, but the final destination /u01/app/oracle/product/fmw/wlserver_10.3/server/lib is on an NFS mount (hosted on NetApp). This issue only comes up on NFS. Using the copy module on a destination that is local disk, like /home/applmgr, has no issues.

I am thinking my workaround is going to have to be issuing a move command after uploading the file to a path that is on the local file system. I am using Ansible 1.5.5.


  - name: Install JKS for SSL
    copy: src={{ item.source }} dest={{ item.destination }} owner=applmgr group=oinstall mode=0644 backup=yes seuser=_default serole=_default setype=_default
    with_items:
      - { source: 'files/CAtrust.jks', destination: '/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks' }
    sudo_user: applmgr

TASK: [Install JKS for SSL] ***************************************************
<stg-intmon-app-02> ESTABLISH CONNECTION FOR USER: systems on PORT 22 TO stg-intmon-app-02
<stg-intmon-app-02> EXEC /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=hyfpcveiujdsjplloxksrkpnccgbctjl] password: " -u applmgr /bin/sh -c '"'"'echo SUDO-SUCCESS-hyfpcveiujdsjplloxksrkpnccgbctjl; rc=0; [ -r "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] || rc=2; [ -f "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] || rc=1; [ -d "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] && echo 3 && exit 0; (/usr/bin/md5sum /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/sbin/md5sum -q /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/usr/bin/digest -a md5 /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/sbin/md5 -q /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/usr/bin/md5 -n /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/bin/md5 -q /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/usr/bin/csum -h MD5 /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/bin/csum -h MD5 /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (echo "${rc} /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks")'"'"''
<stg-intmon-app-02> EXEC /bin/sh -c 'mkdir -p /tmp/ansible-tmp-1406010170.17-83664497534334 && chmod a+rx /tmp/ansible-tmp-1406010170.17-83664497534334 && echo /tmp/ansible-tmp-1406010170.17-83664497534334'
<stg-intmon-app-02> PUT /opt/playbook/intmon/roles/weblogic/tasks/files/CAtrust.jks TO /tmp/ansible-tmp-1406010170.17-83664497534334/source
<stg-intmon-app-02> EXEC /bin/sh -c 'chmod a+r /tmp/ansible-tmp-1406010170.17-83664497534334/source'
<stg-intmon-app-02> PUT /tmp/tmpTUjBR9 TO /tmp/ansible-tmp-1406010170.17-83664497534334/copy
<stg-intmon-app-02> EXEC /bin/sh -c 'chmod a+r /tmp/ansible-tmp-1406010170.17-83664497534334/copy'
<stg-intmon-app-02> EXEC /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=nyamsxiowxjuicxewlbnfaojqzneyfhj] password: " -u applmgr /bin/sh -c '"'"'echo SUDO-SUCCESS-nyamsxiowxjuicxewlbnfaojqzneyfhj; /usr/bin/python /tmp/ansible-tmp-1406010170.17-83664497534334/copy'"'"''
<stg-intmon-app-02> EXEC /bin/sh -c 'rm -rf /tmp/ansible-tmp-1406010170.17-83664497534334/ >/dev/null 2>&1'
failed: [stg-intmon-app-02] => (item={'source': 'files/CAtrust.jks', 'destination': '/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks'}) => {"cur_context": ["system_u", "object_r", "nfs_t", "s0"], "failed": true, "gid": 501, "group": "oinstall", "input_was": ["system_u", "object_r", "default_t", "s0"], "item": {"destination": "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks", "source": "files/CAtrust.jks"}, "md5sum": "6927b8279d5265ff0c97a9efee474ee6", "mode": "0664", "new_context": ["system_u", "object_r", "default_t", "s0"], "owner": "applmgr", "path": "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/.CAtrust.jks.4439.1406010170.72", "secontext": "system_u:object_r:nfs_t:s0", "size": 15070, "state": "file", "uid": 503}
msg: invalid selinux context


FATAL: all hosts have already failed -- aborting

[root@stg-intmon-app-02 tmp]# ls -lZ /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/*.jks
-rwxr-x---. applmgr oinstall system_u:object_r:nfs_t:s0       /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/DemoIdentity.jks
-rwxr-x---. applmgr oinstall system_u:object_r:nfs_t:s0       /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/DemoTrust.jks


But this is OK when not on NFS

  - name: Upload Weblogic silent install config
    copy: src=files/standard_silent_wls_java6u45.xml dest=/home/applmgr/standard_silent_wls_java6u45.xml owner=applmgr group=oinstall mode=0644 backup=no
    sudo_user: applmgr

TASK: [Upload Weblogic silent install config] *********************************
<stg-intmon-app-02> ESTABLISH CONNECTION FOR USER: systems on PORT 22 TO stg-intmon-app-02
<stg-intmon-app-02> EXEC /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=prjkakodhdaeiuduuzbbnbanwvumzjyc] password: " -u applmgr /bin/sh -c '"'"'echo SUDO-SUCCESS-prjkakodhdaeiuduuzbbnbanwvumzjyc; rc=0; [ -r "/home/applmgr/standard_silent_wls_java6u45.xml" ] || rc=2; [ -f "/home/applmgr/standard_silent_wls_java6u45.xml" ] || rc=1; [ -d "/home/applmgr/standard_silent_wls_java6u45.xml" ] && echo 3 && exit 0; (/usr/bin/md5sum /home/applmgr/standard_silent_wls_java6u45.xml 2>/dev/null) || (/sbin/md5sum -q /home/applmgr/standard_silent_wls_java6u45.xml 2>/dev/null) || (/usr/bin/digest -a md5 /home/applmgr/standard_silent_wls_java6u45.xml 2>/dev/null) || (/sbin/md5 -q /home/applmgr/standard_silent_wls_java6u45.xml 2>/dev/null) || (/usr/bin/md5 -n /home/applmgr/standard_silent_wls_java6u45.xml 2>/dev/null) || (/bin/md5 -q /home/applmgr/standard_silent_wls_java6u45.xml 2>/dev/null) || (/usr/bin/csum -h MD5 /home/applmgr/standard_silent_wls_java6u45.xml 2>/dev/null) || (/bin/csum -h MD5 /home/applmgr/standard_silent_wls_java6u45.xml 2>/dev/null) || (echo "${rc} /home/applmgr/standard_silent_wls_java6u45.xml")'"'"''
<stg-intmon-app-02> EXEC /bin/sh -c 'mkdir -p /tmp/ansible-tmp-1406009753.63-205073731489156 && chmod a+rx /tmp/ansible-tmp-1406009753.63-205073731489156 && echo /tmp/ansible-tmp-1406009753.63-205073731489156'
<stg-intmon-app-02> PUT /opt/playbook/intmon/roles/weblogic/tasks/files/standard_silent_wls_java6u45.xml TO /tmp/ansible-tmp-1406009753.63-205073731489156/source
<stg-intmon-app-02> EXEC /bin/sh -c 'chmod a+r /tmp/ansible-tmp-1406009753.63-205073731489156/source'
<stg-intmon-app-02> PUT /tmp/tmpjajnpT TO /tmp/ansible-tmp-1406009753.63-205073731489156/copy
<stg-intmon-app-02> EXEC /bin/sh -c 'chmod a+r /tmp/ansible-tmp-1406009753.63-205073731489156/copy'
<stg-intmon-app-02> EXEC /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=zjfkqcclaxexsimgzzuwwintokanbidr] password: " -u applmgr /bin/sh -c '"'"'echo SUDO-SUCCESS-zjfkqcclaxexsimgzzuwwintokanbidr; /usr/bin/python /tmp/ansible-tmp-1406009753.63-205073731489156/copy'"'"''
<stg-intmon-app-02> EXEC /bin/sh -c 'rm -rf /tmp/ansible-tmp-1406009753.63-205073731489156/ >/dev/null 2>&1'
changed: [stg-intmon-app-02] => {"changed": true, "dest": "/home/applmgr/standard_silent_wls_java6u45.xml", "gid": 501, "group": "oinstall", "md5sum": "1acef40ba022448b0f61b6b82384c96e", "mode": "0644", "owner": "applmgr", "secontext": "unconfined_u:object_r:user_home_t:s0", "size": 4059, "src": "/tmp/ansible-tmp-1406009753.63-205073731489156/source", "state": "file", "uid": 503}


[root@stg-intmon-app-02 applmgr]# ls -lZ /home/applmgr/*.xml
-rw-r--r--. applmgr oinstall unconfined_u:object_r:user_home_t:s0 /home/applmgr/standard_silent_wls_java6u45.xml

Michael DeHaan

Jul 22, 2014, 8:09:19 AM
to ansible...@googlegroups.com
First off, please don't run 1.5.5, the current version of Ansible is 1.6.7, and this contains security fixes which you most definitely want applied.

If you still see issues there, let us know.

I'd like to see the command from your playbook line and both the expected SELinux state and the desired SELinux state, or what you think the above problem is.  

I am unclear in " tried specifying the SE options to force it, but that doesn't appear to work." what "doesn't work" means, in other words.

I'm of course not saying there is a problem, but this helps me understand more what you are looking for.

Thanks!


--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4515336c-d4dd-4baa-94bb-95f7d0a43340%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Melissa Tan

Jul 22, 2014, 5:13:37 PM
to ansible...@googlegroups.com
I've updated to 1.6.6 now because that's what's available in the yum EPEL repos. When 1.6.7 or higher is available, I can upgrade that package. Most things on our systems come through our channel to Red Hat Network or a user-managed channel.

This is really weird: now there is no problem. Maybe there was something cached in /tmp from previous playbook runs when I did not specify seuser=system_u serole=object_r setype=nfs_t in the tasks, or simply because I have now updated Ansible to version 1.6.6.

I believe the previous problem is that the module is trying to set the SELinux context to be default_t.  If I run the command on the server:

[root@stg-intmon-app-02 lib]# chcon -t default_t /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
chcon: failed to change context of `/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks' to `system_u:object_r:default_t:s0': Operation not supported
[root@stg-intmon-app-02 lib]# ls -lZ /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks
-rw-r--r--. applmgr oinstall system_u:object_r:nfs_t:s0       /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks

TASK: [Install JKS for SSL] ***************************************************
<stg-intmon-app-02> ESTABLISH CONNECTION FOR USER: systems on PORT 22 TO stg-intmon-app-02
<stg-intmon-app-02> EXEC /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=lswacpkpjvajuonoykzhsynbeketkhzp] password: " -u applmgr /bin/sh -c '"'"'echo SUDO-SUCCESS-lswacpkpjvajuonoykzhsynbeketkhzp; rc=0; [ -r "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] || rc=2; [ -f "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] || rc=1; [ -d "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks" ] && echo 3 && exit 0; (/usr/bin/md5sum /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/sbin/md5sum -q /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/usr/bin/digest -a md5 /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/sbin/md5 -q /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/usr/bin/md5 -n /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/bin/md5 -q /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/usr/bin/csum -h MD5 /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (/bin/csum -h MD5 /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks 2>/dev/null) || (echo "${rc} /u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks")'"'"''
<stg-intmon-app-02> EXEC /bin/sh -c 'mkdir -p /tmp/ansible-tmp-1406062803.27-36447185215066 && chmod a+rx /tmp/ansible-tmp-1406062803.27-36447185215066 && echo /tmp/ansible-tmp-1406062803.27-36447185215066'
<stg-intmon-app-02> PUT /opt/playbook/intmon/roles/weblogic/tasks/files/CAtrust.jks TO /tmp/ansible-tmp-1406062803.27-36447185215066/source
<stg-intmon-app-02> EXEC /bin/sh -c 'chmod a+r /tmp/ansible-tmp-1406062803.27-36447185215066/source'
<stg-intmon-app-02> PUT /tmp/tmpQ6uefX TO /tmp/ansible-tmp-1406062803.27-36447185215066/copy
<stg-intmon-app-02> EXEC /bin/sh -c 'chmod a+r /tmp/ansible-tmp-1406062803.27-36447185215066/copy'
<stg-intmon-app-02> EXEC /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=pdborrdasyvrjoyqdfyshjewqfqpnsqr] password: " -u applmgr /bin/sh -c '"'"'echo SUDO-SUCCESS-pdborrdasyvrjoyqdfyshjewqfqpnsqr; LC_CTYPE=C LANG=C /usr/bin/python /tmp/ansible-tmp-1406062803.27-36447185215066/copy'"'"''
<stg-intmon-app-02> EXEC /bin/sh -c 'rm -rf /tmp/ansible-tmp-1406062803.27-36447185215066/ >/dev/null 2>&1'
changed: [stg-intmon-app-02] => (item={'source': 'files/CAtrust.jks', 'destination': '/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks'}) => {"changed": true, "dest": "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks", "gid": 501, "group": "oinstall", "item": {"destination": "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks", "source": "files/CAtrust.jks"}, "md5sum": "6927b8279d5265ff0c97a9efee474ee6", "mode": "0644", "owner": "applmgr", "secontext": "system_u:object_r:nfs_t:s0", "size": 15070, "src": "/tmp/ansible-tmp-1406062803.27-36447185215066/source", "state": "file", "uid": 503}


The Ansible task is:

  - name: Install JKS for SSL
    copy: src={{ item.source }} dest={{ item.destination }} owner=applmgr  group=oinstall mode=0644 backup=yes seuser=system_u serole=object_r setype=nfs_t
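The behaviour both posts exercise (the failing run in the first post, where "input_was" shows the placeholders resolved to default_t on an nfs_t file, and the chcon "Operation not supported" test in the last one) can be modelled offline. The following is an added Python illustration, not Ansible's copy module code: it resolves seuser/serole/setype/selevel the way the thread's output implies (a "_default" field takes the path's default label, an omitted field keeps the file's current label), attempts a relabel only when the result differs, and treats an NFS mount without per-file labels as one that refuses the relabel. The /proc/mounts lines, the default-label table, and the function names (mount_supports_relabel, resolve_context, fake_lsetfilecon, set_context_if_different) are constructed assumptions for the example.

```python
"""
Added model of copy-style SELinux handling on NFS (not Ansible's own code).
"""
import errno

# --- constructed stand-ins for what an SELinux host would report -----------
JKS = "/u01/app/oracle/product/fmw/wlserver_10.3/server/lib/CAtrust.jks"
XML = "/home/applmgr/standard_silent_wls_java6u45.xml"

# Current label of each file, taken from the ls -lZ output in the thread.
CURRENT = {
    JKS: ["system_u", "object_r", "nfs_t", "s0"],
    XML: ["unconfined_u", "object_r", "user_home_t", "s0"],
}

# Default label per path, i.e. what a matchpathcon() lookup would return.
# /u01 has no fcontext rule, so it falls back to default_t, which is the
# "input_was" value in the failing run. Constructed for the example.
DEFAULT = {
    JKS: ["system_u", "object_r", "default_t", "s0"],
    XML: ["unconfined_u", "object_r", "user_home_t", "s0"],
}

# Constructed /proc/mounts lines: a local root filesystem (the kernel reports
# "seclabel" where per-file SELinux labels are stored) and a plain NFS export.
PROC_MOUNTS = """\
/dev/mapper/vg00-root / ext4 rw,relatime,seclabel 0 0
netapp:/vol_u01 /u01 nfs rw,relatime,vers=3,hard,addr=10.0.0.5 0 0
"""


def mount_supports_relabel(proc_mounts, path):
    """True only if the longest mount prefix covering `path` advertises
    per-file labels ("seclabel"). Plain NFS does not, so every inode shows
    nfs_t and lsetfilecon/chcon fails with EOPNOTSUPP."""
    best = None
    for line in proc_mounts.splitlines():
        _dev, mnt, _fstype, opts = line.split()[:4]
        if path == mnt or path.startswith(mnt.rstrip("/") + "/"):
            if best is None or len(mnt) > len(best[0]):
                best = (mnt, opts.split(","))
    return best is not None and "seclabel" in best[1]


def resolve_context(current, default, seuser=None, serole=None,
                    setype=None, selevel=None):
    """Target label: "_default" -> default label field, None -> keep the
    current field, anything else -> the explicit value."""
    wanted = []
    for cur, dflt, req in zip(current, default, (seuser, serole, setype, selevel)):
        if req is None:
            wanted.append(cur)
        elif req == "_default":
            wanted.append(dflt)
        else:
            wanted.append(req)
    return wanted


def fake_lsetfilecon(path, context):
    """Stand-in for selinux.lsetfilecon(): refuses the change on mounts that
    cannot store per-file labels, like the chcon failure in the thread."""
    if not mount_supports_relabel(PROC_MOUNTS, path):
        raise OSError(errno.EOPNOTSUPP, "Operation not supported")


def set_context_if_different(path, **requested):
    """Relabel only when needed; report in the spirit of the module's JSON."""
    cur = CURRENT[path]
    new = resolve_context(cur, DEFAULT[path], **requested)
    if new == cur:
        return {"changed": False, "secontext": ":".join(cur)}
    try:
        fake_lsetfilecon(path, new)
    except OSError as exc:
        return {"failed": True, "msg": "invalid selinux context",
                "cur_context": cur, "new_context": new, "errno": exc.errno}
    return {"changed": True, "secontext": ":".join(new)}


if __name__ == "__main__":
    # The first post's task: every field left at _default on the NFS path.
    print(set_context_if_different(JKS, seuser="_default", serole="_default",
                                   setype="_default", selevel="_default"))
    # The last post's task: explicit values that already match nfs_t.
    print(set_context_if_different(JKS, seuser="system_u", serole="object_r",
                                   setype="nfs_t"))
    # The local-disk case from the first post: defaults equal the current label.
    print(set_context_if_different(XML, seuser="_default", serole="_default",
                                   setype="_default", selevel="_default"))
```

Run with no arguments; the first call reproduces the thread's failure shape (new_context default_t, current nfs_t), the second reports no change because the explicit seuser/serole/setype equal the label the mount already imposes, and the third shows why the same task is fine on local disk. The practical check a playbook author can borrow is mount_supports_relabel: when a destination lives on a mount without "seclabel", the only SELinux request that can succeed is the one the mount already enforces.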