chown failed

1,497 views
Skip to first unread message

MangusB rother

unread,
May 13, 2016, 11:47:54 AM5/13/16
to Ansible Project
I am getting a "chown failed" error when i am running the file module to try and chown an archive file on my machine using ansible. I have no clue what this could be caused by. Help please :)

I have the following role:

---
- name: MyDesc
  file:
    path: "{{path}}"
    owner: "{{owner}}"
    group: "{{group}}"
    mode: "{{mode}}"
    force: true
    state: directory
    recurse: true
  ignore_errors: "{{ error_ignore_flag }}"

and i am calling it as follows through ansible tower:

name: Test
  hosts: "{{GLB_ansible_tower_machine}}"
  remote_user: "{{GLB_remote_user}}"
  become: yes
  become_user: "{{GLB_remote_user}}"
  become_method: sudo
  
  roles:
    - { role: file_chown, path: "/tmp/upload.ear", owner: "myUser", group: "myUser", mode: "0750", error_ignore_flag: no }

I am running this as a user who has sudo access. And /tmp/upload.ear is an archive file with the following properties:

 ls -lahZ /tmp | grep upload.ear
-rw-r-----. myAnsibleTowerUser myAnsibleTowerUser unconfined_u:object_r:user_tmp_t:s0 upload.ear


When I run this however I get the following:

{
  "group": "my_group",
  "uid": 11111111,
  "changed": false,
  "failed": true,
  "state": "directory",
  "gid": 11111111,
  "secontext": "unconfined_u:object_r:user_tmp_t:s0",
  "mode": "0750",
  "msg": "chown failed",
  "owner": "myAnsibleTowerUser",
  "path": "/tmp/upload.ear",
  "size": 6,
  "_ansible_no_log": false,
  "play": "Test",
  "task": "file_chown : MyDesc",
  "role": "file_chown",
  "ignore_errors": false,
  "status": "failed",
  "module_name": "file",
  "module_args": {
    "directory_mode": null,
    "force": true,
    "remote_src": null,
    "path": "/tmp/upload.ear",
    "owner": "myUser",
    "follow": false,
    "group": "myUser",
    "state": "directory",
    "content": null,
    "serole": null,
    "diff_peek": null,
    "setype": null,
    "selevel": null,
    "original_basename": null,
    "regexp": null,
    "validate": null,
    "src": null,
    "seuser": null,
    "recurse": true,
    "delimiter": null,
    "mode": "0750",
    "backup": null
  },
  "created": "2016-05-13T15:38:12.022Z",
  "host_id": 12,
  "host_name": "myHost",
  "id": 11111,
  "parent": 11222,
  "event": "Host Failed"
}

Johannes Kastl

unread,
May 13, 2016, 3:58:00 PM5/13/16
to ansible...@googlegroups.com
On 13.05.16 17:45 MangusB rother wrote:

> name: Test
> hosts: "{{GLB_ansible_tower_machine}}"
> remote_user: "{{GLB_remote_user}}"
> become: yes
> become_user: "{{GLB_remote_user}}"

Normally you want to elevate your rights to root, so this should be
"become_user: root". Now you elevate to yourself again...

Johannes

signature.asc

MangusB rother

unread,
May 15, 2016, 2:51:37 AM5/15/16
to Ansible Project
The remote user has sudo access though so there is no need to become root directly.

Johannes Kastl

unread,
May 15, 2016, 3:17:22 AM5/15/16
to ansible...@googlegroups.com
On 15.05.16 08:51 MangusB rother wrote:
> The remote user has sudo access though so there is no need to become root
> directly.

Do your homework and read the docs.
https://docs.ansible.com/become.html

become is the new name for what was sudo in previous ansible releases.

become means you elevate your rights. And in the default it uses sudo.
But as you can use su, pbrun and some others now it was renamed to
"become".

become: yes
become_method: sudo

But if you sudo to your user (the same user issuing the sudo command)
you don't get any more rights than you have. Clear now?

If you just omit that line it should work, as sudo normally uses
become_user root...

Johannes

signature.asc
Reply all
Reply to author
Forward
0 new messages