为什么Ansible不能像sudo用户那样运行Pip?
问题描述:
我有一本确保所有要求都在本地安装的手册。我使用ansible 2.0.0
为什么Ansible不能像sudo用户那样运行Pip?
ansible-playbook site.yml -i staging
site.yml:
---
- hosts: localhost
become: yes
become_user: "{{ sudo_user }}"
connection: local
vars_files:
- vars/main.yml
roles:
- do
sudo_user
在瓦尔surfer190
。
做/任务/ main.yml:
- name: make sure everything is installed
apt: name={{item}} state=installed
with_items:
- python-apt
- python-pycurl
- python-pip
- python-setuptools
- name: Install dopy
pip: name={{ item }}
with_items:
- virtualenv
- dopy
- passlib
我得到以下错误:
failed: [localhost] => (item=passlib) => {"cmd": "/usr/local/bin/pip install passlib", "failed": true, "invocation": {"module_args": {"name": "passlib"}, "module_name": "pip"}, "item": "passlib", "msg": "stdout: Collecting passlib\n Using cached passlib-1.6.5-py2.py3-none-any.whl\nInstalling collected packages: passlib\n\n:stderr: Exception:\nTraceback (most recent call last):\n File \"/usr/local/lib/python2.7/dist-packages/pip/basecommand.py\", line 211, in main\n status = self.run(options, args)\n File \"/usr/local/lib/python2.7/dist-packages/pip/commands/install.py\", line 311, in run\n root=options.root_path,\n File \"/usr/local/lib/python2.7/dist-packages/pip/req/req_set.py\", line 646, in install\n **kwargs\n File \"/usr/local/lib/python2.7/dist-packages/pip/req/req_install.py\", line 803, in install\n self.move_wheel_files(self.source_dir, root=root)\n File \"/usr/local/lib/python2.7/dist-packages/pip/req/req_install.py\", line 998, in move_wheel_files\n isolated=self.isolated,\n File \"/usr/local/lib/python2.7/dist-packages/pip/wheel.py\", line 339, in move_wheel_files\n clobber(source, lib_dir, True)\n File \"/usr/local/lib/python2.7/dist-packages/pip/wheel.py\", line 310, in clobber\n ensure_dir(destdir)\n File \"/usr/local/lib/python2.7/dist-packages/pip/utils/__init__.py\", line 71, in ensure_dir\n os.makedirs(path)\n File \"/usr/lib/python2.7/os.py\", line 157, in makedirs\n mkdir(name, mode)\nOSError: [Errno 13] Permission denied: '/usr/local/lib/python2.7/dist-packages/passlib'\n"}
这基本上是一个permission denied
。所以它没有使用sudo运行命令。正如我尝试sudo pip install passlib
,它的工作原理。
即使我使用-k
运行并输入sudo密码,它也不起作用。请注意,surfer190
用户需要密码才能sudo。
我在做什么错?
答
因此,它看起来像你需要的最低配置为:
---
- hosts: localhost
become: yes
become_user: "{{ sudo_user }}"
connection: local
vars_files:
- vars/main.yml
roles:
- ...
所以become_user
需要是可以须藤没有通,我认为用户。 如果没有become_user
它将失败:
failed: [localhost] => (item=passlib) => {"failed": true, "item": "passlib", "parsed": false}
[sudo via ansible, key=sgidbrejgqoibeozxncyhixnwsukxjbe] password:
答
添加“须藤:是”安装dopy任务
- name: make sure everything is installed
apt: name={{item}} state=installed
with_items:
- python-apt
- python-pycurl
- python-pip
- python-setuptools
- name: Install dopy
pip: name={{ item }}
with_items:
- virtualenv
- dopy
- passlib
sudo: yes
如果您发现该剧本的执行,同时执行任务挂起,那么很可能是对须藤passoword ansible等待,但没有你可以输入密码的方式。有办法解决这个问题。更新以下指定部分位于你的sudoers文件“的/ etc/sudoers文件”
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
yourusername ALL=NOPASSWD: ALL
要小心,在编辑/ etc/sudoers文件,具有不正确的项可能会阻止您以后再登录到服务器。
你在哪个操作系统? '/ usr/local'并不总是拥有root权限。 – cel
对我来说,运行'GNU/Linux''Ubuntu 14.04' – surfer190
@ surfer190你尝试过'become_method'吗? – frank