我连接到远程计算机后使用become_user来更改用户 在此示例中,ssh user1将文件复制到远程计算机,然后我们通过user2更改用户并移动文件。 这是我的过程和最终错误。
<172.28.178.227> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o
ConnectTimeout=10 172.28.178.227 /bin/sh -c 'rc=flag; [ -r /tmp/profile-java ] || rc=2; [ -f /tmp/profile-java ] || rc=1; [ -d /tmp/profile-java ] && rc=3; python -V 2>/dev/null || rc=4; [ x"$rc" != "xflag" ] && echo "${rc} "/tmp/profile-java && exit 0; (python -c '"'"'import hashlib; BLOCKSIZE = 65536; hasher = hashlib.sha1(); afile = open("'"'"'/tmp/profile-java'"'"'", "rb") buf = afile.read(BLOCKSIZE) while len(buf) > 0: hasher.update(buf) buf = afile.read(BLOCKSIZE) afile.close() print(hasher.hexdigest())'"'"' 2>/dev/null) || (python -c '"'"'import sha; BLOCKSIZE = 65536; hasher = sha.sha(); afile = open("'"'"'/tmp/profile-java'"'"'", "rb") buf = afile.read(BLOCKSIZE) while len(buf) > 0: hasher.update(buf) buf = afile.read(BLOCKSIZE) afile.close() print(hasher.hexdigest())'"'"' 2>/dev/null) || (echo '"'"'0 '"'"'/tmp/profile-java)'
<172.28.178.227> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 172.28.178.227 /bin/sh -c 'mkdir -p /tmp/ansible-tmp-1458229962.35-167690832134774 && chmod a+rx /tmp/ansible-tmp-1458229962.35-167690832134774 && echo /tmp/ansible-tmp-1458229962.35-167690832134774'
<172.28.178.227> PUT /u01/app/jenkins/workspace/02_Customer-Order-Services/deploy-to-PPE/roles/jvm/files/profile-java.j2 TO /tmp/ansible-tmp-1458229962.35-167690832134774/source
<172.28.178.227> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 172.28.178.227 /bin/sh -c 'chmod a+r /tmp/ansible-tmp-1458229962.35-167690832134774/source'
<172.28.178.227> PUT /tmp/tmpO9iYgq TO /tmp/ansible-tmp-1458229962.35-167690832134774/copy
<172.28.178.227> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 172.28.178.227 /bin/sh -c 'chmod a+r /tmp/ansible-tmp-1458229962.35-167690832134774/copy'
<172.28.178.227> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 172.28.178.227 /bin/sh -c 'su svc-cos -c "/bin/sh -c '"'"'echo BECOME-SUCCESS-kifkfsbasxqszcorqwgpmcigwmalvwnq; LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 python /tmp/ansible-tmp-1458229962.35-167690832134774/copy'"'"'"'
<172.28.178.227> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o Port=22 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 172.28.178.227 /bin/sh -c 'rm -rf /tmp/ansible-tmp-1458229962.35-167690832134774/ >/dev/null 2>&1'
然后是最后的错误,这是无关紧要的,因为它只是一个python错误。但我认为这是一个权限问题。
failed: [*********] => {"checksum": "f1f7d1e8f4fe6397dcc39fe4e2613b607e8c6fa1", "failed": true}
msg: Aborting, target uses selinux but python bindings (libselinux-python) aren't installed!
所有python库都已正确安装,脚本运行正常,只有在使用become_user时才会失败。
答案 0 :(得分:2)
可能没有为第二个用户安装软件包。我在python中使用virtualenv时遇到了这个问题。
作为一种解决方法,您可以手动将以下内容移动到/usr/lib64/python2.7/site-packages/selinux/,以便Anisble尝试从中读取包。在执行playbook ansible-playbook file -vvv
有关详情,请使用此Link
答案 1 :(得分:1)
target uses selinux but python bindings (libselinux-python) aren't installed是一个非常明显的错误。检查是否安装了libselinux-python包。
请注意
如果在远程节点上启用了SELinux,则在使用Ansible中的任何复制/文件/模板相关功能之前,还需要在其上安装libselinux-python。您当然可以使用Ansible中的yum模块在没有它的远程系统上安装此软件包。