How to do privilege escalation on lookup(ini)

Time: 2019-05-29 10:09:39

Tags: ansible ini

My test.yml

- name: Test ini
  hosts: localhost
  connection: local
  become: true

  tasks:

  - name: Verifying /etc/heat/heat.conf Configuration
    become_user: root
    become_method: sudo
    fail: msg="Unable to set in /etc/heat/heat.conf"
    when: "lookup('ini', 'max_resources_per_stack section=DEFAULT file=/etc/heat/heat.conf') != '-1'"


Error

$ ansible-playbook test.yml 
 [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'


PLAY [Test ini] ***********************************************************************************************************************

TASK [Gathering Facts] ****************************************************************************************************************
ok: [localhost]

TASK [Verifying /etc/heat/heat.conf Configuration] ************************************************************************************
fatal: [localhost]: FAILED! => {"msg": "The conditional check 'lookup('ini', 'max_resources_per_stack section=DEFAULT file=/etc/heat/heat.conf') != '-1'' failed. The error was: An unhandled exception occurred while running the lookup plugin 'ini'. Error was a <class 'ansible.errors.AnsibleParserError'>, original message: an error occurred while trying to read the file '/etc/heat/heat.conf': [Errno 13] Permission denied: '/etc/heat/heat.conf'\n\nThe error appears to have been in '/home/stack/test.yml': line 8, column 5, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n  - name: Verifying /etc/heat/heat.conf Configuration\n    ^ here\n"}
    to retry, use: --limit @/home/stack/test.retry

PLAY RECAP ****************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=1 

I don't know why it doesn't work. Modifying the ini file with ini_file works without specifying become_user. But does this not apply to lookup? I can even run the crudini --get command in the shell.

$ ls -la /etc/heat/heat.conf 
-rw-r-----. 1 root heat 85196 May 29 01:39 /etc/heat/heat.conf

Update

The playbook works only when I run it with sudo, as in sudo ansible-playbook ini_test.yml

UPDATE2

ansible 2.6.11

1 answer:

Answer 0 (score: 0)

bug

With the file /root/test

> ll /root/test
-rw-r----- 1 root root 30 May 29 15:09 /root/test

the playbook

- hosts: localhost
  become_user: root
  become_method: sudo
  become: yes
  tasks:
    - command: whoami
      register: result
    - debug:
        var: result.stdout
    - name: read the file
      debug:
        msg: "{{ lookup('file', '/root/test') }}"

gives (abridged):

ok: [localhost] => {
    "result.stdout": "root"
}
TASK [read the file]
fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: /root/test"}

With the file readable by everyone

> ll /root/test
-rw-r--r-- 1 root root 30 May 29 15:09 /root/test

the playbook works as expected and gives (abridged):

TASK [read the file]
ok: [localhost] => {
    "msg": "Wed May 29 15:09:43 CEST 2019"
}

For the record: How should you answer questions that lead to bug reports?
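
Lookup plugins are evaluated by the ansible-playbook process on the control node, so become settings on a task do not change which user opens the file. The following is an added example, not part of the original question or answer: it reads the option with a task that runs under become, using the crudini --get command the question mentions. The registered variable name heat_max_resources is an assumption.

```yaml
# Added example (not from the original post).
- name: Test ini with become
  hosts: localhost
  connection: local
  gather_facts: false

  tasks:
    # A module task runs on the target under become, unlike
    # lookup('ini', ...), which runs as the user who started ansible-playbook.
    - name: Read max_resources_per_stack as root
      command: crudini --get /etc/heat/heat.conf DEFAULT max_resources_per_stack
      become: true
      become_user: root
      become_method: sudo
      register: heat_max_resources   # hypothetical variable name
      changed_when: false            # read-only check, never reports "changed"
      failed_when: false             # a non-zero exit is handled by the next task

    # crudini exits non-zero when the file, section or option cannot be read.
    - name: Stop when the option could not be read
      fail:
        msg: "Could not read max_resources_per_stack: {{ heat_max_resources.stderr | default('') }}"
      when: heat_max_resources.rc != 0

    # Same condition as the original task, now on the value read as root.
    - name: Verifying /etc/heat/heat.conf Configuration
      fail:
        msg: "Unable to set in /etc/heat/heat.conf"
      when: heat_max_resources.stdout | trim != '-1'
```

Only the single option value leaves the root context, so /etc/heat/heat.conf can keep its -rw-r----- root:heat mode instead of being made readable by everyone.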