File-Permissions

為什麼我在嘗試更改文件的權限時從 Ansible 收到此錯誤?

  • October 28, 2016

我在名為 tomcat 的角色中有以下任務:

- name: copy tomcat file settings
 copy:
   src: "{{ item.src }}"
   dest: "{{ item.dest }}"
   owner: tomcat
   group: tomcat
   mode: "{{ item.mode }}"
 with_items:
 - { src: logrotate-tomcat7, dest: /etc/logrotate.d/tomcat7, mode: 0644 }
 - { src: keystore.pks, dest: /var/lib/tomcat7/webapps, mode: 0644  }
 - { src: jmxremote.access, dest: /etc/tomcat7, mode: 0644   }
 - { src: jmxremote.password, dest: /etc/tomcat7, mode: 0600 }

當我執行呼叫 tomcat 角色的劇本時,我看到以下輸出:

TASK [devops-server : copy tomcat file settings] *********************************
changed: [10.71.10.11] => (item={u'dest': u'/etc/logrotate.d/tomcat7', u'src': u'logrotate-tomcat7', u'mode': 420})
changed: [10.71.10.11] => (item={u'dest': u'/var/lib/tomcat7/webapps', u'src': u'keystore.pks', u'mode': 420})
changed: [10.71.10.11] => (item={u'dest': u'/etc/tomcat7', u'src': u'jmxremote.access', u'mode': 420})
failed: [10.71.10.11] (item={u'dest': u'/etc/tomcat7', u'src': u'jmxremote.password', u'mode': 384}) => {"checksum": "2203ad1530a3bc06732043ba67d129b5364505ce", "details": "bad symbolic permission for mode: 384", "failed": true, "gid": 91, "group": "tomcat", "item": {"dest": "/etc/tomcat7", "mode": 384, "src": "jmxremote.password"}, "mode": "0644", "msg": "mode must be in octal or symbolic form", "owner": "tomcat", "path": "/etc/tomcat7/jmxremote.password", "size": 52, "state": "file", "uid": 91}
...ignoring

顯然,模式 0600 在我的 EC2 實例的命令行上工作:

ec2-user@devops-01 ~]$ sudo chmod 0600 /etc/tomcat7/jmxremote.password
ec2-user@devops-01 ~]$ ls -l /etc/tomcat7/jmxremote.password
-rw------- 1 tomcat tomcat 52 Oct 28 16:18 /etc/tomcat7/jmxremote.password

那麼給了什麼?這是一個 Ansible 錯誤還是我錯過了什麼?

這顯然是 Ansible 中的一個錯誤。對我來說,程式碼似乎很好。根據此GitHub 問題,可以通過將octalfor設置modestring. 像這樣:0644 "0644"

所以我會試試這個:

with_items:
- { src: logrotate-tomcat7, dest: /etc/logrotate.d/tomcat7, mode: "0644" }

引用自:https://serverfault.com/questions/811915