Re: [ansible-project] copy fails for group ownership
It works :)
I am using 1.8.1.
kl. 17:54:30 UTC+1 onsdag 5. november 2014 skrev tkuratomi følgende:
>
> From earlier on the thread 1.7.1
>
> And yes, there have been some fixes to the devel branch related to owner
> and group since 1.7.1 that might be the cause of this. In addition to the
> two you've linked to, Stein, I believe there's a third where specifying the
> file name rather than the directory as the destination was a work around.
>
> If you can checkout the development branch from git to test, that would
> confirm whether we've already fixed this for the next version or not. Some
> of those fixes may also have been pulled into the 1.7.2 release - the
> timing is right but I don't recall whether they were added to that release
> or are waiting on 1.8.
>
> -Toshio
> On Nov 5, 2014 6:31 AM, "Michael DeHaan" >
> wrote:
>
>> Can you please share what version of Ansible you are using?
>>
>> (ansible --version)
>>
>> Thanks!
>>
>>
>>
>> On Wed, Nov 5, 2014 at 7:32 AM, Stein Inge Morisbak > > wrote:
>>
>>> Hi!
>>>
>>> It took some time before i could look into this. Anyway, I think it has
>>> to do with this issue: https://github.com/ansible/ansible/issues/7372
>>>
>>> The template-module always does `chown`, and that will not work when
>>> running as a non-root user when the files are owned by root even if the
>>> group has write permission.
>>>
>>> - Stein Inge
>>>
>>> kl. 14:35:36 UTC+2 onsdag 10. september 2014 skrev Michael DeHaan
>>> følgende:
Yeah, please let us know.
One point of clarification - I think you may possibly be confusing
SELinux and ACLs, which are different things.
ACLs do not come from SELinux, they are managed by setfacl/etc.
(There's also a handy acl module in Ansible!)
On Wed, Sep 10, 2014 at 7:32 AM, Stein Inge Morisbak
wrote:
> Sorry about the tarball. It won't happen again.
>
> After some further investigation it seems that it might have something
> to do with SELinux ACL after all. The httpd directory in /etc/httpd/conf
> has a dot after its access list (drwxr-xr-x.). I don't know if this is
> the
> problem yet, but I will do some further investigations. Thanks for
> mentioning SELinux.
>
> I will keep you posted.
>
> 2014-09-10 12:26 GMT+02:00 Abubakr-Sadik Nii Nai Davis <
> dwa...@gmail.com>:
>
>> Well noted.
>>
>> On Tuesday, September 9, 2014 7:13:49 PM UTC, Michael DeHaan wrote:
>>>
>>> As a general rule, I don't crack open tarballs attached to the list
>>> - and I would request that since there are thousands of users on this
>>> list
>>> we don't start using it for attachments.
>>>
>>> (I'm not sure I can turn it off).
>>>
>>> A gist or github repo would be welcome, or even pastebin for smaller
>>> things.
>>>
>>> In many cases, it can just be shown inline.
>>>
>>>
>>>
>>> On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak <
>>> ste...@gmail.com> wrote:
>>>
I have attached the whole shebang to reproduce it.
Requirements is:
- the same username on the server set up with an authorized key and
belonging to a group.
- A file: /etc/httpd/conf/httpd.conf owned by a different user,
but writable for the group the first user belongs to.
2014-09-09 17:45 GMT+02:00 Michael DeHaan :
> Can you show more of the playbook in context?
>
> I'm missing task names and such and wanted to be clear about
> something.
>
> I may have some other questions after that.
>
>
>
> On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak <
> ste...@gmail.com> wrote:
>
>> Yup. It is non-sudo and non-root.
>>
>> $ ansible --version
>> ansible 1.7.1
>>
>> stanza:
>> ---
>> - hosts: myservers
>> roles:
>> - httpd
>> remote_user: "{{ lookup('env','USER') }}"
>> gather_facts: False
>> sudo: False
>>
>> $ ansible-playbook -i test myservers.yml
>> fatal: [my-box] => failed to parse: {"msg": "Could not replace
>> file: /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-
>> 18948176608778/source to /etc/httpd/conf/httpd.conf: [Errno 1]
>> Operation not permitted:
>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'",
>> "failed": true}
>> Exception OSError: (2, 'No such file or directory',
>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in > _TemporaryFileWrapper.__del__ of ', mode 'w+b'
>> at
>> 0x1e946f0>> ignored
>>
>> Since I am in the group developers and have write access to the
>> file and directory I would expect
Re: [ansible-project] copy fails for group ownership
>From earlier on the thread 1.7.1
And yes, there have been some fixes to the devel branch related to owner
and group since 1.7.1 that might be the cause of this. In addition to the
two you've linked to, Stein, I believe there's a third where specifying the
file name rather than the directory as the destination was a work around.
If you can checkout the development branch from git to test, that would
confirm whether we've already fixed this for the next version or not. Some
of those fixes may also have been pulled into the 1.7.2 release - the
timing is right but I don't recall whether they were added to that release
or are waiting on 1.8.
-Toshio
On Nov 5, 2014 6:31 AM, "Michael DeHaan" wrote:
> Can you please share what version of Ansible you are using?
>
> (ansible --version)
>
> Thanks!
>
>
>
> On Wed, Nov 5, 2014 at 7:32 AM, Stein Inge Morisbak
> wrote:
>
>> Hi!
>>
>> It took some time before i could look into this. Anyway, I think it has
>> to do with this issue: https://github.com/ansible/ansible/issues/7372
>>
>> The template-module always does `chown`, and that will not work when
>> running as a non-root user when the files are owned by root even if the
>> group has write permission.
>>
>> - Stein Inge
>>
>> kl. 14:35:36 UTC+2 onsdag 10. september 2014 skrev Michael DeHaan
>> følgende:
>>>
>>> Yeah, please let us know.
>>>
>>> One point of clarification - I think you may possibly be confusing
>>> SELinux and ACLs, which are different things.
>>>
>>> ACLs do not come from SELinux, they are managed by setfacl/etc.
>>>
>>> (There's also a handy acl module in Ansible!)
>>>
>>>
>>>
>>>
>>> On Wed, Sep 10, 2014 at 7:32 AM, Stein Inge Morisbak
>>> wrote:
>>>
Sorry about the tarball. It won't happen again.
After some further investigation it seems that it might have something
to do with SELinux ACL after all. The httpd directory in /etc/httpd/conf
has a dot after its access list (drwxr-xr-x.). I don't know if this is the
problem yet, but I will do some further investigations. Thanks for
mentioning SELinux.
I will keep you posted.
2014-09-10 12:26 GMT+02:00 Abubakr-Sadik Nii Nai Davis <
dwa...@gmail.com>:
> Well noted.
>
> On Tuesday, September 9, 2014 7:13:49 PM UTC, Michael DeHaan wrote:
>>
>> As a general rule, I don't crack open tarballs attached to the list -
>> and I would request that since there are thousands of users on this list
>> we
>> don't start using it for attachments.
>>
>> (I'm not sure I can turn it off).
>>
>> A gist or github repo would be welcome, or even pastebin for smaller
>> things.
>>
>> In many cases, it can just be shown inline.
>>
>>
>>
>> On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak <
>> ste...@gmail.com> wrote:
>>
>>> I have attached the whole shebang to reproduce it.
>>>
>>> Requirements is:
>>> - the same username on the server set up with an authorized key and
>>> belonging to a group.
>>> - A file: /etc/httpd/conf/httpd.conf owned by a different user, but
>>> writable for the group the first user belongs to.
>>>
>>>
>>>
>>> 2014-09-09 17:45 GMT+02:00 Michael DeHaan :
>>>
Can you show more of the playbook in context?
I'm missing task names and such and wanted to be clear about
something.
I may have some other questions after that.
On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak <
ste...@gmail.com> wrote:
> Yup. It is non-sudo and non-root.
>
> $ ansible --version
> ansible 1.7.1
>
> stanza:
> ---
> - hosts: myservers
> roles:
> - httpd
> remote_user: "{{ lookup('env','USER') }}"
> gather_facts: False
> sudo: False
>
> $ ansible-playbook -i test myservers.yml
> fatal: [my-box] => failed to parse: {"msg": "Could not replace
> file:
> /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
> Exception OSError: (2, 'No such file or directory',
> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in _TemporaryFileWrapper.__del__ of ', mode 'w+b'
> at
> 0x1e946f0>> ignored
>
> Since I am in the group developers and have write access to the
> file and directory I would expect that I can overwrite the file.
>
>
> kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan
> følgende:
>>
>> Can you please share the ansible --version as well as the command
>> line invocation you are using and the stanza of your playbook?
Re: [ansible-project] copy fails for group ownership
2014-11-05 15:31 GMT+01:00 Michael DeHaan : > ansible --version ansible 1.7.2 -- - Stein Inge -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAJJkzbaJnFKHiYxMt2u33%2BxOCNhqkutiZZf7%3DFAeXsv4gbU04w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] copy fails for group ownership
Can you please share what version of Ansible you are using?
(ansible --version)
Thanks!
On Wed, Nov 5, 2014 at 7:32 AM, Stein Inge Morisbak
wrote:
> Hi!
>
> It took some time before i could look into this. Anyway, I think it has to
> do with this issue: https://github.com/ansible/ansible/issues/7372
>
> The template-module always does `chown`, and that will not work when
> running as a non-root user when the files are owned by root even if the
> group has write permission.
>
> - Stein Inge
>
> kl. 14:35:36 UTC+2 onsdag 10. september 2014 skrev Michael DeHaan følgende:
>>
>> Yeah, please let us know.
>>
>> One point of clarification - I think you may possibly be confusing
>> SELinux and ACLs, which are different things.
>>
>> ACLs do not come from SELinux, they are managed by setfacl/etc.
>>
>> (There's also a handy acl module in Ansible!)
>>
>>
>>
>>
>> On Wed, Sep 10, 2014 at 7:32 AM, Stein Inge Morisbak
>> wrote:
>>
>>> Sorry about the tarball. It won't happen again.
>>>
>>> After some further investigation it seems that it might have something
>>> to do with SELinux ACL after all. The httpd directory in /etc/httpd/conf
>>> has a dot after its access list (drwxr-xr-x.). I don't know if this is the
>>> problem yet, but I will do some further investigations. Thanks for
>>> mentioning SELinux.
>>>
>>> I will keep you posted.
>>>
>>> 2014-09-10 12:26 GMT+02:00 Abubakr-Sadik Nii Nai Davis >> >:
>>>
Well noted.
On Tuesday, September 9, 2014 7:13:49 PM UTC, Michael DeHaan wrote:
>
> As a general rule, I don't crack open tarballs attached to the list -
> and I would request that since there are thousands of users on this list
> we
> don't start using it for attachments.
>
> (I'm not sure I can turn it off).
>
> A gist or github repo would be welcome, or even pastebin for smaller
> things.
>
> In many cases, it can just be shown inline.
>
>
>
> On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak > wrote:
>
>> I have attached the whole shebang to reproduce it.
>>
>> Requirements is:
>> - the same username on the server set up with an authorized key and
>> belonging to a group.
>> - A file: /etc/httpd/conf/httpd.conf owned by a different user, but
>> writable for the group the first user belongs to.
>>
>>
>>
>> 2014-09-09 17:45 GMT+02:00 Michael DeHaan :
>>
>>> Can you show more of the playbook in context?
>>>
>>> I'm missing task names and such and wanted to be clear about
>>> something.
>>>
>>> I may have some other questions after that.
>>>
>>>
>>>
>>> On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak <
>>> ste...@gmail.com> wrote:
>>>
Yup. It is non-sudo and non-root.
$ ansible --version
ansible 1.7.1
stanza:
---
- hosts: myservers
roles:
- httpd
remote_user: "{{ lookup('env','USER') }}"
gather_facts: False
sudo: False
$ ansible-playbook -i test myservers.yml
fatal: [my-box] => failed to parse: {"msg": "Could not replace
file:
/home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
'/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
Exception OSError: (2, 'No such file or directory',
'/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in >>> _TemporaryFileWrapper.__del__ of ', mode 'w+b' at
0x1e946f0>> ignored
Since I am in the group developers and have write access to the
file and directory I would expect that I can overwrite the file.
kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan
følgende:
>
> Can you please share the ansible --version as well as the command
> line invocation you are using and the stanza of your playbook?
>
> Sounds like you are doing something non-sudo most likely, or non
> root, that doesn't have enough permissions.
>
>
>
> On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak <
> ste...@gmail.com> wrote:
>
>> I am trying to run the following task:
>>
>> - name: copy httpd.conf to /etc/httpd/conf folder
>> copy: src=httpd.conf dest="/etc/httpd/conf"
>>
>> Ownership on the server is:
>>
>> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
>> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
>> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
>>
>> I am a member of the developers group. The directory and file has
>> write permission for the developers group. However the task fails
>> with thi
Re: [ansible-project] copy fails for group ownership
Hi!
It took some time before i could look into this. Anyway, I think it has to
do with this issue: https://github.com/ansible/ansible/issues/7372
The template-module always does `chown`, and that will not work when
running as a non-root user when the files are owned by root even if the
group has write permission.
- Stein Inge
kl. 14:35:36 UTC+2 onsdag 10. september 2014 skrev Michael DeHaan følgende:
>
> Yeah, please let us know.
>
> One point of clarification - I think you may possibly be confusing SELinux
> and ACLs, which are different things.
>
> ACLs do not come from SELinux, they are managed by setfacl/etc.
>
> (There's also a handy acl module in Ansible!)
>
>
>
>
> On Wed, Sep 10, 2014 at 7:32 AM, Stein Inge Morisbak > wrote:
>
>> Sorry about the tarball. It won't happen again.
>>
>> After some further investigation it seems that it might have something to
>> do with SELinux ACL after all. The httpd directory in /etc/httpd/conf has a
>> dot after its access list (drwxr-xr-x.). I don't know if this is the
>> problem yet, but I will do some further investigations. Thanks for
>> mentioning SELinux.
>>
>> I will keep you posted.
>>
>> 2014-09-10 12:26 GMT+02:00 Abubakr-Sadik Nii Nai Davis > >:
>>
>>> Well noted.
>>>
>>> On Tuesday, September 9, 2014 7:13:49 PM UTC, Michael DeHaan wrote:
As a general rule, I don't crack open tarballs attached to the list -
and I would request that since there are thousands of users on this list
we
don't start using it for attachments.
(I'm not sure I can turn it off).
A gist or github repo would be welcome, or even pastebin for smaller
things.
In many cases, it can just be shown inline.
On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak
wrote:
> I have attached the whole shebang to reproduce it.
>
> Requirements is:
> - the same username on the server set up with an authorized key and
> belonging to a group.
> - A file: /etc/httpd/conf/httpd.conf owned by a different user, but
> writable for the group the first user belongs to.
>
>
>
> 2014-09-09 17:45 GMT+02:00 Michael DeHaan :
>
>> Can you show more of the playbook in context?
>>
>> I'm missing task names and such and wanted to be clear about
>> something.
>>
>> I may have some other questions after that.
>>
>>
>>
>> On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak > > wrote:
>>
>>> Yup. It is non-sudo and non-root.
>>>
>>> $ ansible --version
>>> ansible 1.7.1
>>>
>>> stanza:
>>> ---
>>> - hosts: myservers
>>> roles:
>>> - httpd
>>> remote_user: "{{ lookup('env','USER') }}"
>>> gather_facts: False
>>> sudo: False
>>>
>>> $ ansible-playbook -i test myservers.yml
>>> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
>>> /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
>>>
>>> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
>>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
>>> Exception OSError: (2, 'No such file or directory',
>>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in >> _TemporaryFileWrapper.__del__ of ', mode 'w+b' at
>>> 0x1e946f0>> ignored
>>>
>>> Since I am in the group developers and have write access to the file
>>> and directory I would expect that I can overwrite the file.
>>>
>>>
>>> kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan
>>> følgende:
Can you please share the ansible --version as well as the command
line invocation you are using and the stanza of your playbook?
Sounds like you are doing something non-sudo most likely, or non
root, that doesn't have enough permissions.
On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak <
ste...@gmail.com> wrote:
> I am trying to run the following task:
>
> - name: copy httpd.conf to /etc/httpd/conf folder
> copy: src=httpd.conf dest="/etc/httpd/conf"
>
> Ownership on the server is:
>
> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
>
> I am a member of the developers group. The directory and file has
> write permission for the developers group. However the task fails
> with this
> error message:
>
> fatal: [my-box] => failed to parse: {"msg": "Could not replace
> file:
> /home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
>
> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitt
Re: [ansible-project] copy fails for group ownership
Yeah, please let us know.
One point of clarification - I think you may possibly be confusing SELinux
and ACLs, which are different things.
ACLs do not come from SELinux, they are managed by setfacl/etc.
(There's also a handy acl module in Ansible!)
On Wed, Sep 10, 2014 at 7:32 AM, Stein Inge Morisbak
wrote:
> Sorry about the tarball. It won't happen again.
>
> After some further investigation it seems that it might have something to
> do with SELinux ACL after all. The httpd directory in /etc/httpd/conf has a
> dot after its access list (drwxr-xr-x.). I don't know if this is the
> problem yet, but I will do some further investigations. Thanks for
> mentioning SELinux.
>
> I will keep you posted.
>
> 2014-09-10 12:26 GMT+02:00 Abubakr-Sadik Nii Nai Davis
> :
>
>> Well noted.
>>
>> On Tuesday, September 9, 2014 7:13:49 PM UTC, Michael DeHaan wrote:
>>>
>>> As a general rule, I don't crack open tarballs attached to the list -
>>> and I would request that since there are thousands of users on this list we
>>> don't start using it for attachments.
>>>
>>> (I'm not sure I can turn it off).
>>>
>>> A gist or github repo would be welcome, or even pastebin for smaller
>>> things.
>>>
>>> In many cases, it can just be shown inline.
>>>
>>>
>>>
>>> On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak
>>> wrote:
>>>
I have attached the whole shebang to reproduce it.
Requirements is:
- the same username on the server set up with an authorized key and
belonging to a group.
- A file: /etc/httpd/conf/httpd.conf owned by a different user, but
writable for the group the first user belongs to.
2014-09-09 17:45 GMT+02:00 Michael DeHaan :
> Can you show more of the playbook in context?
>
> I'm missing task names and such and wanted to be clear about something.
>
> I may have some other questions after that.
>
>
>
> On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak
> wrote:
>
>> Yup. It is non-sudo and non-root.
>>
>> $ ansible --version
>> ansible 1.7.1
>>
>> stanza:
>> ---
>> - hosts: myservers
>> roles:
>> - httpd
>> remote_user: "{{ lookup('env','USER') }}"
>> gather_facts: False
>> sudo: False
>>
>> $ ansible-playbook -i test myservers.yml
>> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
>> /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
>> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
>> Exception OSError: (2, 'No such file or directory',
>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in > _TemporaryFileWrapper.__del__ of ', mode 'w+b' at
>> 0x1e946f0>> ignored
>>
>> Since I am in the group developers and have write access to the file
>> and directory I would expect that I can overwrite the file.
>>
>>
>> kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan
>> følgende:
>>>
>>> Can you please share the ansible --version as well as the command
>>> line invocation you are using and the stanza of your playbook?
>>>
>>> Sounds like you are doing something non-sudo most likely, or non
>>> root, that doesn't have enough permissions.
>>>
>>>
>>>
>>> On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak <
>>> ste...@gmail.com> wrote:
>>>
I am trying to run the following task:
- name: copy httpd.conf to /etc/httpd/conf folder
copy: src=httpd.conf dest="/etc/httpd/conf"
Ownership on the server is:
drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
-rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
I am a member of the developers group. The directory and file has
write permission for the developers group. However the task fails with
this
error message:
fatal: [my-box] => failed to parse: {"msg": "Could not replace
file:
/home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
'/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", "failed": true}
Am I missing something, or should this work?
--
You received this message because you are subscribed to the Google
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/90f29162-
>
Re: [ansible-project] copy fails for group ownership
Sorry about the tarball. It won't happen again.
After some further investigation it seems that it might have something to
do with SELinux ACL after all. The httpd directory in /etc/httpd/conf has a
dot after its access list (drwxr-xr-x.). I don't know if this is the
problem yet, but I will do some further investigations. Thanks for
mentioning SELinux.
I will keep you posted.
2014-09-10 12:26 GMT+02:00 Abubakr-Sadik Nii Nai Davis :
> Well noted.
>
> On Tuesday, September 9, 2014 7:13:49 PM UTC, Michael DeHaan wrote:
>>
>> As a general rule, I don't crack open tarballs attached to the list - and
>> I would request that since there are thousands of users on this list we
>> don't start using it for attachments.
>>
>> (I'm not sure I can turn it off).
>>
>> A gist or github repo would be welcome, or even pastebin for smaller
>> things.
>>
>> In many cases, it can just be shown inline.
>>
>>
>>
>> On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak
>> wrote:
>>
>>> I have attached the whole shebang to reproduce it.
>>>
>>> Requirements is:
>>> - the same username on the server set up with an authorized key and
>>> belonging to a group.
>>> - A file: /etc/httpd/conf/httpd.conf owned by a different user, but
>>> writable for the group the first user belongs to.
>>>
>>>
>>>
>>> 2014-09-09 17:45 GMT+02:00 Michael DeHaan :
>>>
Can you show more of the playbook in context?
I'm missing task names and such and wanted to be clear about something.
I may have some other questions after that.
On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak
wrote:
> Yup. It is non-sudo and non-root.
>
> $ ansible --version
> ansible 1.7.1
>
> stanza:
> ---
> - hosts: myservers
> roles:
> - httpd
> remote_user: "{{ lookup('env','USER') }}"
> gather_facts: False
> sudo: False
>
> $ ansible-playbook -i test myservers.yml
> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
> /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
> Exception OSError: (2, 'No such file or directory',
> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in _TemporaryFileWrapper.__del__ of ', mode 'w+b' at
> 0x1e946f0>> ignored
>
> Since I am in the group developers and have write access to the file
> and directory I would expect that I can overwrite the file.
>
>
> kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan
> følgende:
>>
>> Can you please share the ansible --version as well as the command
>> line invocation you are using and the stanza of your playbook?
>>
>> Sounds like you are doing something non-sudo most likely, or non
>> root, that doesn't have enough permissions.
>>
>>
>>
>> On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak > > wrote:
>>
>>> I am trying to run the following task:
>>>
>>> - name: copy httpd.conf to /etc/httpd/conf folder
>>> copy: src=httpd.conf dest="/etc/httpd/conf"
>>>
>>> Ownership on the server is:
>>>
>>> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
>>> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
>>> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
>>>
>>> I am a member of the developers group. The directory and file has
>>> write permission for the developers group. However the task fails with
>>> this
>>> error message:
>>>
>>> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
>>> /home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
>>> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
>>> '/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", "failed": true}
>>>
>>> Am I missing something, or should this work?
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it,
>>> send an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/90f29162-
>>> 3cd1-4783-a3ca-ada6c1fd5604%40googlegroups.com
>>>
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
> You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails fro
Re: [ansible-project] copy fails for group ownership
Well noted.
On Tuesday, September 9, 2014 7:13:49 PM UTC, Michael DeHaan wrote:
>
> As a general rule, I don't crack open tarballs attached to the list - and
> I would request that since there are thousands of users on this list we
> don't start using it for attachments.
>
> (I'm not sure I can turn it off).
>
> A gist or github repo would be welcome, or even pastebin for smaller
> things.
>
> In many cases, it can just be shown inline.
>
>
>
> On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak > wrote:
>
>> I have attached the whole shebang to reproduce it.
>>
>> Requirements is:
>> - the same username on the server set up with an authorized key and
>> belonging to a group.
>> - A file: /etc/httpd/conf/httpd.conf owned by a different user, but
>> writable for the group the first user belongs to.
>>
>>
>>
>> 2014-09-09 17:45 GMT+02:00 Michael DeHaan > >:
>>
>>> Can you show more of the playbook in context?
>>>
>>> I'm missing task names and such and wanted to be clear about something.
>>>
>>> I may have some other questions after that.
>>>
>>>
>>>
>>> On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak >> > wrote:
>>>
Yup. It is non-sudo and non-root.
$ ansible --version
ansible 1.7.1
stanza:
---
- hosts: myservers
roles:
- httpd
remote_user: "{{ lookup('env','USER') }}"
gather_facts: False
sudo: False
$ ansible-playbook -i test myservers.yml
fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
/home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
'/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
Exception OSError: (2, 'No such file or directory',
'/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in >>> _TemporaryFileWrapper.__del__ of ', mode 'w+b' at
0x1e946f0>> ignored
Since I am in the group developers and have write access to the file
and directory I would expect that I can overwrite the file.
kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan
følgende:
>
> Can you please share the ansible --version as well as the command line
> invocation you are using and the stanza of your playbook?
>
> Sounds like you are doing something non-sudo most likely, or non root,
> that doesn't have enough permissions.
>
>
>
> On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak
> wrote:
>
>> I am trying to run the following task:
>>
>> - name: copy httpd.conf to /etc/httpd/conf folder
>> copy: src=httpd.conf dest="/etc/httpd/conf"
>>
>> Ownership on the server is:
>>
>> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
>> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
>> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
>>
>> I am a member of the developers group. The directory and file has
>> write permission for the developers group. However the task fails with
>> this
>> error message:
>>
>> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
>> /home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
>>
>> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
>> '/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", "failed": true}
>>
>> Am I missing something, or should this work?
>>
>> --
>> You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to ansible-proje...@googlegroups.com.
>> To post to this group, send email to ansible...@googlegroups.com.
>> To view this discussion on the web visit https://groups.google.com/d/
>> msgid/ansible-project/90f29162-3cd1-4783-a3ca-
>> ada6c1fd5604%40googlegroups.com
>>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
> --
You received this message because you are subscribed to the Google
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to ansible-proje...@googlegroups.com .
To post to this group, send email to ansible...@googlegroups.com
.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/7d4c1995-1eb9-4baa-9940-a5b98fc960da%40googlegroups.com
.
For more options, visit https://groups.google.com/d/opto
Re: [ansible-project] copy fails for group ownership
As a general rule, I don't crack open tarballs attached to the list - and I
would request that since there are thousands of users on this list we don't
start using it for attachments.
(I'm not sure I can turn it off).
A gist or github repo would be welcome, or even pastebin for smaller things.
In many cases, it can just be shown inline.
On Tue, Sep 9, 2014 at 12:21 PM, Stein Inge Morisbak
wrote:
> I have attached the whole shebang to reproduce it.
>
> Requirements is:
> - the same username on the server set up with an authorized key and
> belonging to a group.
> - A file: /etc/httpd/conf/httpd.conf owned by a different user, but
> writable for the group the first user belongs to.
>
>
>
> 2014-09-09 17:45 GMT+02:00 Michael DeHaan :
>
>> Can you show more of the playbook in context?
>>
>> I'm missing task names and such and wanted to be clear about something.
>>
>> I may have some other questions after that.
>>
>>
>>
>> On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak
>> wrote:
>>
>>> Yup. It is non-sudo and non-root.
>>>
>>> $ ansible --version
>>> ansible 1.7.1
>>>
>>> stanza:
>>> ---
>>> - hosts: myservers
>>> roles:
>>> - httpd
>>> remote_user: "{{ lookup('env','USER') }}"
>>> gather_facts: False
>>> sudo: False
>>>
>>> $ ansible-playbook -i test myservers.yml
>>> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
>>> /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
>>> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
>>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
>>> Exception OSError: (2, 'No such file or directory',
>>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in >> _TemporaryFileWrapper.__del__ of ', mode 'w+b' at
>>> 0x1e946f0>> ignored
>>>
>>> Since I am in the group developers and have write access to the file and
>>> directory I would expect that I can overwrite the file.
>>>
>>>
>>> kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan
>>> følgende:
Can you please share the ansible --version as well as the command line
invocation you are using and the stanza of your playbook?
Sounds like you are doing something non-sudo most likely, or non root,
that doesn't have enough permissions.
On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak
wrote:
> I am trying to run the following task:
>
> - name: copy httpd.conf to /etc/httpd/conf folder
> copy: src=httpd.conf dest="/etc/httpd/conf"
>
> Ownership on the server is:
>
> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
>
> I am a member of the developers group. The directory and file has
> write permission for the developers group. However the task fails with
> this
> error message:
>
> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
> /home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
> '/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", "failed": true}
>
> Am I missing something, or should this work?
>
> --
> You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/90f29162-3cd1-4783-a3ca-
> ada6c1fd5604%40googlegroups.com
>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To post to this group, send email to ansible-project@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/7d4c1995-1eb9-4baa-9940-a5b98fc960da%40googlegroups.com
>>>
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/e7OIdscZXMo/unsubscribe
>> .
>>
Re: [ansible-project] copy fails for group ownership
I have attached the whole shebang to reproduce it.
Requirements is:
- the same username on the server set up with an authorized key and
belonging to a group.
- A file: /etc/httpd/conf/httpd.conf owned by a different user, but
writable for the group the first user belongs to.
2014-09-09 17:45 GMT+02:00 Michael DeHaan :
> Can you show more of the playbook in context?
>
> I'm missing task names and such and wanted to be clear about something.
>
> I may have some other questions after that.
>
>
>
> On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak
> wrote:
>
>> Yup. It is non-sudo and non-root.
>>
>> $ ansible --version
>> ansible 1.7.1
>>
>> stanza:
>> ---
>> - hosts: myservers
>> roles:
>> - httpd
>> remote_user: "{{ lookup('env','USER') }}"
>> gather_facts: False
>> sudo: False
>>
>> $ ansible-playbook -i test myservers.yml
>> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
>> /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
>> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
>> Exception OSError: (2, 'No such file or directory',
>> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in > _TemporaryFileWrapper.__del__ of ', mode 'w+b' at
>> 0x1e946f0>> ignored
>>
>> Since I am in the group developers and have write access to the file and
>> directory I would expect that I can overwrite the file.
>>
>>
>> kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan følgende:
>>>
>>> Can you please share the ansible --version as well as the command line
>>> invocation you are using and the stanza of your playbook?
>>>
>>> Sounds like you are doing something non-sudo most likely, or non root,
>>> that doesn't have enough permissions.
>>>
>>>
>>>
>>> On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak
>>> wrote:
>>>
I am trying to run the following task:
- name: copy httpd.conf to /etc/httpd/conf folder
copy: src=httpd.conf dest="/etc/httpd/conf"
Ownership on the server is:
drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
-rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
I am a member of the developers group. The directory and file has write
permission for the developers group. However the task fails with this error
message:
fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
/home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
'/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", "failed": true}
Am I missing something, or should this work?
--
You received this message because you are subscribed to the Google
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/ansible-project/90f29162-3cd1-4783-a3ca-
ada6c1fd5604%40googlegroups.com
.
For more options, visit https://groups.google.com/d/optout.
>>>
>>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/7d4c1995-1eb9-4baa-9940-a5b98fc960da%40googlegroups.com
>>
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/e7OIdscZXMo/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwkrstcxsQ9OTr_OnKFor02OiUsEOJJrdHdZR%3DsM4tf4g%40mail.gmail.com
>
> .
>
> For more options, visi
Re: [ansible-project] copy fails for group ownership
Can you show more of the playbook in context?
I'm missing task names and such and wanted to be clear about something.
I may have some other questions after that.
On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak
wrote:
> Yup. It is non-sudo and non-root.
>
> $ ansible --version
> ansible 1.7.1
>
> stanza:
> ---
> - hosts: myservers
> roles:
> - httpd
> remote_user: "{{ lookup('env','USER') }}"
> gather_facts: False
> sudo: False
>
> $ ansible-playbook -i test myservers.yml
> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
> /home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
> Exception OSError: (2, 'No such file or directory',
> '/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in _TemporaryFileWrapper.__del__ of ', mode 'w+b' at
> 0x1e946f0>> ignored
>
> Since I am in the group developers and have write access to the file and
> directory I would expect that I can overwrite the file.
>
>
> kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan følgende:
>>
>> Can you please share the ansible --version as well as the command line
>> invocation you are using and the stanza of your playbook?
>>
>> Sounds like you are doing something non-sudo most likely, or non root,
>> that doesn't have enough permissions.
>>
>>
>>
>> On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak
>> wrote:
>>
>>> I am trying to run the following task:
>>>
>>> - name: copy httpd.conf to /etc/httpd/conf folder
>>> copy: src=httpd.conf dest="/etc/httpd/conf"
>>>
>>> Ownership on the server is:
>>>
>>> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
>>> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
>>> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
>>>
>>> I am a member of the developers group. The directory and file has write
>>> permission for the developers group. However the task fails with this error
>>> message:
>>>
>>> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
>>> /home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
>>> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
>>> '/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", "failed": true}
>>>
>>> Am I missing something, or should this work?
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/ansible-project/90f29162-3cd1-4783-a3ca-
>>> ada6c1fd5604%40googlegroups.com
>>>
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/7d4c1995-1eb9-4baa-9940-a5b98fc960da%40googlegroups.com
>
> .
>
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwkrstcxsQ9OTr_OnKFor02OiUsEOJJrdHdZR%3DsM4tf4g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] copy fails for group ownership
Yup. It is non-sudo and non-root.
$ ansible --version
ansible 1.7.1
stanza:
---
- hosts: myservers
roles:
- httpd
remote_user: "{{ lookup('env','USER') }}"
gather_facts: False
sudo: False
$ ansible-playbook -i test myservers.yml
fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
/home/steinim/.ansible/tmp/ansible-tmp-1410212872.62-18948176608778/source
to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
'/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf'", "failed": true}
Exception OSError: (2, 'No such file or directory',
'/etc/httpd/conf/.ansible_tmpy33qxVhttpd.conf') in ', mode 'w+b' at
0x1e946f0>> ignored
Since I am in the group developers and have write access to the file and
directory I would expect that I can overwrite the file.
kl. 23:36:02 UTC+2 mandag 8. september 2014 skrev Michael DeHaan følgende:
>
> Can you please share the ansible --version as well as the command line
> invocation you are using and the stanza of your playbook?
>
> Sounds like you are doing something non-sudo most likely, or non root,
> that doesn't have enough permissions.
>
>
>
> On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak > wrote:
>
>> I am trying to run the following task:
>>
>> - name: copy httpd.conf to /etc/httpd/conf folder
>> copy: src=httpd.conf dest="/etc/httpd/conf"
>>
>> Ownership on the server is:
>>
>> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
>> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
>> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
>>
>> I am a member of the developers group. The directory and file has write
>> permission for the developers group. However the task fails with this error
>> message:
>>
>> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
>> /home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
>> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
>> '/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", "failed": true}
>>
>> Am I missing something, or should this work?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com
>> .
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/90f29162-3cd1-4783-a3ca-ada6c1fd5604%40googlegroups.com
>>
>>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/7d4c1995-1eb9-4baa-9940-a5b98fc960da%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] copy fails for group ownership
Can you please share the ansible --version as well as the command line
invocation you are using and the stanza of your playbook?
Sounds like you are doing something non-sudo most likely, or non root, that
doesn't have enough permissions.
On Mon, Sep 8, 2014 at 7:50 AM, Stein Inge Morisbak
wrote:
> I am trying to run the following task:
>
> - name: copy httpd.conf to /etc/httpd/conf folder
> copy: src=httpd.conf dest="/etc/httpd/conf"
>
> Ownership on the server is:
>
> drwxrwsr-x 2 root developers 4096 Sep 8 13:33 .
> drwxrwsr-x 5 root developers 4096 Sep 4 17:51 ..
> -rw-rw-r-- 1 root developers 34744 Apr 3 16:01 httpd.conf
>
> I am a member of the developers group. The directory and file has write
> permission for the developers group. However the task fails with this error
> message:
>
> fatal: [my-box] => failed to parse: {"msg": "Could not replace file:
> /home/steinim/.ansible/tmp/ansible-tmp-1410176741.01-248154513611723/source
> to /etc/httpd/conf/httpd.conf: [Errno 1] Operation not permitted:
> '/etc/httpd/conf/.ansible_tmpZ7a3MQhttpd.conf'", "failed": true}
>
> Am I missing something, or should this work?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/90f29162-3cd1-4783-a3ca-ada6c1fd5604%40googlegroups.com
>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwvvFT-792ZioknO1btRAuKCCn_%3DZyvBCK0%2B9RdqPQHOg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
