Trying to create a user on macOS via Ansible

Time: 2018-04-02 20:27:34

Tags: ansible

I have an Ansible playbook that works on Linux, but it fails on macOS with a strange error.

- name: Create the watcher user member of the watchers group
  user:
    comment: "Read-only user for folks to inspect builds"
    name: "{{ watch_user }}"
    group: watchers
    state: present
    shell: /bin/bash
    createhome: yes
    home: "{{ watch_user_home }}"
  become: yes
  when: watch_user_enabled

When it runs on the Mac, I get:

Traceback (most recent call last):
  File "/tmp/ansible_jfT4nc/ansible_module_user.py", line 2278, in <module>
    main()
  File "/tmp/ansible_jfT4nc/ansible_module_user.py", line 2235, in main
    info = user.user_info()
  File "/tmp/ansible_jfT4nc/ansible_module_user.py", line 618, in user_info
    info = self.get_pwd_info()
  File "/tmp/ansible_jfT4nc/ansible_module_user.py", line 613, in get_pwd_info
    return list(pwd.getpwnam(self.name))
KeyError: 'getpwnam(): name not found: watcher'

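So, a two-part question:

  1. How do I get access to /tmp/ansible_jfT4nc/ansible_module_user.py? I tried keep_remote_files, and it doesn't seem to work
  2. Why would it fail?

1 answer:

Answer 0 (score: 2)

Below are the commands that are run when creating a user on a Mac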

sudo dscl . -create /Users/username
sudo dscl . -create /Users/username UserShell /bin/bash
sudo dscl . -create /Users/username RealName "John Smith"
sudo dscl . -create /Users/username UniqueID 1001
sudo dscl . -create /Users/username PrimaryGroupID 1000
sudo dscl . -create /Users/username NFSHomeDirectory /Local/Users/username
sudo dscl . -passwd /Users/username password
sudo dscl . -append /Groups/admin GroupMembership username

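After the first command is executed, the user actually exists on the system. Now, when Ansible runs and for some reason cannot run the post-creation steps for the user, the next run may fail. One way to reproduce this is to set the user's home directory under a parent folder that does not exist, let the first run fail, update the YAML and run it again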

- name: Do this
  hosts: localhost
  tasks:
  - name: Create the group
    group:
      name: watchers
      state: present
  - name: Create the watcher user member of the watchers group
    user:
      comment: "Read-only user for folks to inspect builds"
      name: watcher
      group: watchers
      #password: test
      state: present
      shell: /bin/bash
      createhome: yes
      home: "/home/watcher"

Running the playbook the first time produces the following error

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_rLmVcE/ansible_module_user.py", line 2255, in <module>
    main()
  File "/tmp/ansible_rLmVcE/ansible_module_user.py", line 2185, in main
    (rc, out, err) = user.create_user()
  File "/tmp/ansible_rLmVcE/ansible_module_user.py", line 1740, in create_user
    os.makedirs(self.home)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/os.py", line 157, in makedirs
    mkdir(name, mode)
OSError: [Errno 45] Operation not supported: '/home/watcher'

fatal: [127.0.0.1]: FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_rLmVcE/ansible_module_user.py\", line 2255, in <module>\n    main()\n  File \"/tmp/ansible_rLmVcE/ansible_module_user.py\", line 2185, in main\n    (rc, out, err) = user.create_user()\n  File \"/tmp/ansible_rLmVcE/ansible_module_user.py\", line 1740, in create_user\n    os.makedirs(self.home)\n  File \"/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/os.py\", line 157, in makedirs\n    mkdir(name, mode)\nOSError: [Errno 45] Operation not supported: '/home/watcher'\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE",
    "rc": 1
}

Now, after correcting the folder error, if you rerun the playbook, the error changes to

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_18GFi3/ansible_module_user.py", line 2255, in <module>
    main()
  File "/tmp/ansible_18GFi3/ansible_module_user.py", line 2211, in main
    info = user.user_info()
  File "/tmp/ansible_18GFi3/ansible_module_user.py", line 597, in user_info
    info = self.get_pwd_info()
  File "/tmp/ansible_18GFi3/ansible_module_user.py", line 592, in get_pwd_info
    return list(pwd.getpwnam(self.name))
KeyError: 'getpwnam(): name not found: watcher'

fatal: [127.0.0.1]: FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_18GFi3/ansible_module_user.py\", line 2255, in <module>\n    main()\n  File \"/tmp/ansible_18GFi3/ansible_module_user.py\", line 2211, in main\n    info = user.user_info()\n  File \"/tmp/ansible_18GFi3/ansible_module_user.py\", line 597, in user_info\n    info = self.get_pwd_info()\n  File \"/tmp/ansible_18GFi3/ansible_module_user.py\", line 592, in get_pwd_info\n    return list(pwd.getpwnam(self.name))\nKeyError: 'getpwnam(): name not found: watcher'\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE",
    "rc": 1
}

This is because the module is making some assumptions, so it is a bug in the Mac user module.

Now let's delete our user using

dscl . -delete /Users/watcher

Try the playbook again, and now you will get the correct output

changed: [127.0.0.1] => {
    "changed": true,
    "comment": "Read-only user for folks to inspect builds",
    "create_home": true,
    "group": 501,
    "home": "/Users/watcher",
    "invocation": {
        "module_args": {
            "append": false,
            "comment": "Read-only user for folks to inspect builds",
            "create_home": true,
            "createhome": true,
            "expires": null,
            "force": false,
            "generate_ssh_key": null,
            "group": "watchers",
            "groups": null,
            "home": "/Users/watcher",
            "local": null,
            "login_class": null,
            "move_home": false,
            "name": "watcher",
            "non_unique": false,
            "password": null,
            "remove": false,
            "seuser": null,
            "shell": "/bin/bash",
            "skeleton": null,
            "ssh_key_bits": 0,
            "ssh_key_comment": "ansible-generated on TarunLalwani-2.local",
            "ssh_key_file": null,
            "ssh_key_passphrase": null,
            "ssh_key_type": "rsa",
            "state": "present",
            "system": false,
            "uid": null,
            "update_password": "always"
        }
    },
    "name": "watcher",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 615130252
}

You can open an issue for this on their GitHub repo.
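
The half-created record described in the answer can be detected before rerunning the playbook. The following is an added example, not part of the original answer or of Ansible: it reads the output of `dscl . -read /Users/<name>` on stdin and reports which of the attributes set by the answer's `dscl` commands are missing. The function names and both sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a macOS user record from `dscl . -read` output.

# Attributes that the dscl commands in the answer set after -create.
REQUIRED_ATTRS="UniqueID PrimaryGroupID UserShell NFSHomeDirectory"

# missing_attrs: read a dscl record on stdin, print the missing attribute
# names separated by spaces (prints nothing when all are present).
missing_attrs() {
    record=$(cat)
    missing=""
    for attr in $REQUIRED_ATTRS; do
        # dscl prints "Key: value", or "Key:" with the value on the next line.
        if ! printf '%s\n' "$record" | grep -q "^${attr}:"; then
            missing="${missing:+$missing }$attr"
        fi
    done
    printf '%s' "$missing"
}

# classify: print "absent" (no record), "complete", or "partial: <attrs>".
classify() {
    record=$(cat)
    if [ -z "$record" ]; then echo "absent"; return; fi
    m=$(printf '%s\n' "$record" | missing_attrs)
    if [ -z "$m" ]; then echo "complete"; else echo "partial: $m"; fi
}

# Constructed sample: a record left behind when only the first -create ran.
PARTIAL_RECORD='AppleMetaNodeLocation: /Local/Default
GeneratedUID: 00000000-0000-0000-0000-000000000000
RecordName: watcher
RecordType: dsRecTypeStandard:Users'

# Constructed sample: a fully created record (values from the output above).
COMPLETE_RECORD='NFSHomeDirectory: /Users/watcher
PrimaryGroupID: 501
RealName:
 Read-only user for folks to inspect builds
RecordName: watcher
UniqueID: 615130252
UserShell: /bin/bash'

printf '%s\n' "$PARTIAL_RECORD"  | classify
printf '%s\n' "$COMPLETE_RECORD" | classify
```

On a Mac, feed it live data with `dscl . -read /Users/watcher 2>/dev/null | classify`; a "partial" result means the leftover record should be removed with the `dscl . -delete` command above before the playbook is run again.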