sop

Reputation: 3625

Permission denied when ansible tries to create a directory with sudo

I have a roles/ec2/tasks/main.yml that is trying to create a folder:

---
- name: Mkdir /opt/applications
  file: path=/opt/applications state=directory

It is called in the roles of start.yml:

- hosts: tag_composant_XXX:&tag_Name_XXX-sandbox
  remote_user: ec2-user
  vars:
    ec2_ami_name: XXX-base-{{ ansible_date_time.year }}-{{ ansible_date_time.month }}-{{ ansible_date_time.day }}
    ec2_ami_description: Ami to launch XXX
    instance_tag_environnement: XXX
  roles:
    - {role: ec2, sudo: true}

It is saying that:

failed: [x.x.x.x] => {"failed": true, "parsed": false}
Traceback (most recent call last):
  File "/home/ec2usr/.ansible/tmp/ansible-tmp-1438095761.0-196976221154211/file", line 1994, in <module>
    main()
  File "/home/ec2usr/.ansible/tmp/ansible-tmp-1438095761.0-196976221154211/file", line 279, in main
    os.mkdir(curpath)
OSError: [Errno 13] Permission denied: '/opt/applications'
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/xxx/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: auto-mux: Trying existing master
debug2: fd 3 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 4869
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 2
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Received exit status from master 0
Shared connection to x.x.x.x closed.

The execution is done via:

ansible-playbook --private-key=~/.ssh/key -vvvv -i ../ec2.py start.yml

(I have not touched the py script)

It worked before changing the Ansible version (see this). Besides uninstalling and reinstalling Ansible, I also removed some folders in ~/.ansible/tmp/ (something like ansible-tmp-1438095761.0-196976221154211/, but I do not remember the names exactly). Could that be causing the problem?

I have managed to connect to the EC2 instance manually and create the folder, but with Ansible it seems not to work. Why? What is the problem?

Upvotes: 2

Views: 22371

Answers (2)

SLuck

Reputation: 601

Not sure if this was possible before, but one can now define this directly at the task level, e.g.:

- name: Mkdir /opt/applications
  file:
    path: /opt/applications
    state: directory
  become: yes

Also, https://docs.ansible.com/ansible/2.7/user_guide/become.html might help with further questions.

Upvotes: 6

sop

Reputation: 3625

Based on all the comments I am making an answer to this question:

According to the discussions on the forum of Ansible's repo, there was a role-level break, so it will be better to switch to version 1.9.1. What is more, there was another change in the roles: sudo has changed to become (as mentioned in another question's answer). That seems to fix my problem, even though the docs say that sudo still works.

I have replaced:

- {role: ec2, sudo: true}

by

- {role: ec2, become: yes}

Upvotes: 3
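
An added example, not part of either answer or of the Ansible project: a diagnostic playbook that checks whether privilege escalation actually takes effect before the directory task runs. This is the failure in the question, where `os.mkdir` ran without root rights. It assumes Ansible 1.9 or later (for `become`); the host pattern `all` and the task names are assumptions, while `ec2-user` and `/opt/applications` come from the question.

```yaml
---
# Constructed diagnostic playbook. Run it with the same inventory and key
# as start.yml. The host pattern "all" is an assumption; narrow it as needed.
- hosts: all
  remote_user: ec2-user          # login user from the question
  gather_facts: no
  tasks:
    - name: Who am I without escalation
      command: id -un
      register: login_id
      changed_when: false        # read-only check, never report "changed"

    - name: Who am I with escalation
      command: id -un
      become: yes                # task-level escalation, as in the first answer
      register: escalated_id
      changed_when: false

    - name: Show both identities
      debug:
        msg: "login={{ login_id.stdout }} escalated={{ escalated_id.stdout }}"

    - name: Stop here if become did not give root
      assert:
        that:
          - escalated_id.stdout == 'root'

    # Only this task needs root. Keeping become on the task, rather than on
    # the whole play or role, limits what runs with elevated rights.
    - name: Mkdir /opt/applications
      file:
        path: /opt/applications
        state: directory
      become: yes
```

If the assert fails, the escalation keyword is not being applied, and the `file` task would hit the same `Permission denied` error shown in the question.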
