Ansible:检测Linux文件系统是否以只读方式安装 [英] Ansible: Detect if a Linux filesystem is mounted read-only

问题描述

我正在尝试检测特定文件系统是否在Linux(Ubuntu 16.04)上以只读或读写方式安装.使用 stat 模块将不起作用，因为它总是返回posix权限，而不管写入目录的实际能力如何.我可以使用下面颇具侵入性和麻烦的代码来完成此任务，该代码试图创建一个点文件.我希望有一个更干净，更优雅的替代方法，它还可以检测目录是否不是挂载点(这将是错误的).

I'm trying to detect if a particular filesystem is mounted read-only or read-write on Linux (Ubuntu 16.04). Using the stat module won't work because it always returns the posix permissions regardless of the actual ability to write into the directory. I'm able to accomplish this with the rather intrusive and cumbersome code below, which attempts to create a dot file. I'd appreciate a cleaner and more elegant alternative, that can also detect if the directory is not a mount point (which would be an error).

- name: Determine whether we have write access to the shared dir
    command: touch /mnt/shared-data/.WriteTest
    register: shared_dir_write_test
    failed_when: "shared_dir_write_test.rc != 0 and 'read-only' not in (shared_dir_write_test.stderr | lower)"
    changed_when: shared_dir_write_test.rc == 0

Ansible建议我改用 file 模块和 state = touch ，但是下面的代码失败了，因为似乎没有办法检查过渡文件的结果.

Ansible advised me to use instead the file module with state=touch, however the code below fails since there doesn't seem to be a way to examine the interim result of file.

  - name: Determine whether we have write access to the shared dir
    file: path=/mnt/shared-data/.WriteTest state=touch
    register: shared_dir_write_test
    failed_when: "shared_dir_write_test.failed and 'read-only' not in (shared_dir_write_test.msg | lower)"

条件检查"shared_dir_write_test.failed和'只读" 不在(shared_dir_write_test.stderr |下层)中失败.错误是: 评估条件(shared_dir_write_test.failed和 '只读'不在(shared_dir_write_test.stderr |下)中):'dict 对象"没有属性失败"

The conditional check 'shared_dir_write_test.failed and 'read-only' not in (shared_dir_write_test.stderr | lower)' failed. The error was: error while evaluating conditional (shared_dir_write_test.failed and 'read-only' not in (shared_dir_write_test.stderr | lower)): 'dict object' has no attribute 'failed'

推荐答案

信息可以从Ansible事实中获取. Ansible代码完成了此任务:

The information can be obtained from Ansible facts. Ansible code that accomplishes this:

- name: Determine shared-dir mount point
command: "/usr/bin/env stat -c '%m' {{ shared_dir_real_path }}"
register: shared_dir_mount_point
changed_when: False

- name: Determine the mount point's filesystem type and mount options
set_fact:
    "shared_dir_mount_{{ item }}": "{{ ansible_mounts | selectattr('mount', 'equalto', shared_dir_mount_point.stdout) | map(attribute = item) | join(',') }}"
with_items:
    - fstype
    - options

- name: Determine the access to the shared-data directory
set_fact:
    shared_dir_access_flags: "{{ ['ro', 'rw']  | intersect( shared_dir_mount_options.split(',') )}}"

- name: Verify Access mode sanity
assert:
    that: shared_dir_access_flags | length == 1

然后确定安装座是R/W还是我使用的R/O:

Then to determine whether the mount is R/W or R/O I use:

when: "'rw' in shared_dir_access_flags"

或

when: "'ro' in shared_dir_access_flags"

我以前使用的另一种更简洁但也许不太干净的方法是从/proc/self/mountinfo获取信息.平台特定的功能要比我希望的要多一些，但这仅取决于记录在案的接口.

Another, more terse but perhaps less clean approach that I used previously, was to obtain the information from /proc/self/mountinfo. A little more platform-specific than I hoped, but it only depends on documented intrefaces.

- name: Get Shared dir mount options
shell: "grep -F `stat -c '%m' {{ shared_dir_path }}` /proc/self/mountinfo | cut -d' ' -f 6"
register: shared_dir_mount_options
changed_when: False

然后使用表达式确定挂载是R/W还是R/O，我会变得更加麻烦:

Then the expressions to determine whether the mount is R/W or R/O I would become a bit more cumbersome:

when: "'rw' in shared_dir_mount_options.stdout.split(',')"

或

when: "'ro' in shared_dir_mount_options.stdout.split(',')"

这篇关于Ansible:检测Linux文件系统是否以只读方式安装的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！