将文件复制到远程服务器,但是在属于其他用户的目录中? [英] copy files to remote servers but in a directory which belongs to some other user?
问题描述
我正在研究一个ansible剧本,它将我的tasks.tar.gz
文件复制到远程服务器,并将其解压缩到远程服务器上的特定目录中.
I am working on an ansible playbook which copies my tasks.tar.gz
file to remote servers and uncompress it into a particular directory on remote servers.
我正在以用户david
的身份在machineA
上运行我的剧本,因此我将david
用户的公钥从machineA
添加到所有远程服务器authorized_key
文件中,以便我无需输入密码即可使用ssh我想以无密码方式运行我的Ansible Playbook.
I am running my playbook on machineA
as user david
so I added public key of david
user from machineA
to all the remote servers authorized_key
file so that I can ssh without typing my password because I want to run my ansible playbook passwordless.
---
- hosts: ALL
serial: 3
tasks:
- name: copy and untar latest tasks.tar.gz file
unarchive: src=tasks.tar.gz dest=/data/files/tasks/
- name: sleep for few seconds
pause: seconds=20
我现在遇到的问题是,因为远程服务器上的此"/data/files/tasks/"目录属于其他用户(goldy)
,因此由于我正在运行我的剧本,因此它无法复制和解压缩tasks.tar.gz
文件我猜是david
用户.
Now problem I am having is since this "/data/files/tasks/" directory on remote servers belongs to some other user (goldy)
so it can't copy and uncompress tasks.tar.gz
file because I am running my playbook as david
user I guess.
ansible-playbook -e 'host_key_checking=False' test2.yml
我想以无密码用户david
的身份来运行我的ansible剧本,但它应该能够将文件复制到属于goldy用户的目录中的所有远程服务器中.我尝试使用become
和become_user
玩游戏,但这对我没有用.我还有什么需要做的吗?
I want to run my ansible playbook as user david
passwordless but it should be able to copy files into all the remote servers in a directory which belongs to user goldy. I tried playing with become
and become_user
but it didn't worked for me. Is there anything else I need to do?
- name: copy and untar latest tasks.tar.gz file
unarchive: src=tasks.tar.gz dest=/data/files/tasks/
become: true
become_user: goldy
become_method: sudo
这是我得到的错误:
"msg": "Failed to set permissions on the temporary files Ansible needs to create when becoming an unprivileged user (rc: 1, err: chown: changing ownership of ‘/tmp/ansible-tmp-1518323151.21-195554555527544/’: Operation not permitted\nchown: changing ownership of ‘/tmp/ansible-tmp-1518323151.21-195554555527544/stat.py’: Operation not permitted\n}).
推荐答案
由于您暗示已为连接的用户david
配置sudo,因此,最简单的操作是使用提升的权限复制文件并设置其权限.通过unarchive
模块的owner
参数对goldy
的所有权:
Since you hint on having sudo configured for your connecting user david
, the simplest thing you can do is use elevated permissions to copy the file and set its an ownership to goldy
through owner
parameter of the unarchive
module:
- name: copy and untar latest tasks.tar.gz file
unarchive:
src: tasks.tar.gz
dest: /data/files/tasks/
owner: goldy
become: true
关于如何配置sudoer以允许代表root
以外的用户执行命令的问题,您需要了解sudo
和sudoers
的实际工作方式(请参阅
For the question of how to configure sudoers to allow for executing commands on behalf of a user other than root
, you need to learn how sudo
and sudoers
actually work (see the manual).
这篇关于将文件复制到远程服务器,但是在属于其他用户的目录中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!