Ansible权限问题 [英] Ansible Permissions Issue
问题描述
我想当前用户添加到组中的系统,然后执行需要为该组权限的命令。我的剧本是像这样:
I'm trying to add the current user to a group in the system, then execute a command that requires permission for that group. My playbook is like so:
- name: Add this user to RVM group
sudo: true
user: state=present name=vagrant append=yes groups=rvm group=rvm
- name: Install Ruby 1.9.3
command: rvm install ruby-1.9.3-p448 creates=/usr/local/rvm/bin/ruby-1.9.3-p448
的问题是,所有这一切都在同一个壳正在发生。无业游民的shell尚未更新使用新的群组。有没有干净的方式来刷新用户的当前组Ansible?我想我需要得到它重新连接或打开一个新的外壳。
The problem is that all of this is happening in the same shell. vagrant's shell hasn't been updated with the new groups yet. Is there a clean way to refresh the user's current groups in Ansible? I figure I need to get it to re-connect or open a new shell.
不过,我试图打开一个新的外壳,它只是挂起:
However I tried opening a new shell and it simply hangs:
- name: Open a new shell for the new groups
shell: bash
当然它挂起:这个过程永远不会退出
Of course it hangs: the process never exits!
与newgrp同样的事情
Same thing with newgrp
- name: Refresh the groups
shell: newgrp
由于它基本上做同样的事情。
Because it basically does the same thing.
任何想法?
推荐答案
阅读本手册。
这里的一个解决方案是使用了执行参数无论是'命令'或'壳'的模块。
A solution here is to use the 'executable' parameter for either the 'command' or 'shell' modules.
于是,我就用命令模块,像这样:
So I tried using the command module like so:
- name: install ruby 1.9.3
command: rvm install ruby-1.9.3-p448 executable=/bin/bash creates=/usr/local/rvm/bin/ruby-1.9.3-p448
ignore_error: true
但剧本挂下去。 href=\"http://www.ansibleworks.com/docs/modules.html#command\" rel=\"nofollow\">手动国
如果您希望通过shell运行命令(假设你正在使用&LT;,>,|,等等),你真正想要的外壳模块来代替。命令模块更加安全,因为它不影响该用户的 If you want to run a command through the shell (say you are using <, >, |, etc), you actually want the shell module instead. The command module is much more secure as it's not affected by the user's
environment. 于是,我试着用外壳模块: So I tried using the shell module: 和它的作品! 这篇关于Ansible权限问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
环境。
- name: install ruby 1.9.3
shell: rvm install ruby-1.9.3-p448 executable=/bin/bash creates=/usr/local/rvm/bin/ruby-1.9.3-p448
ignore_error: true