将文件复制到远程服务器但位于属于其他用户的目录中?

本文介绍了将文件复制到远程服务器但位于属于其他用户的目录中?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在编写 ansible playbook，它将我的 tasks.tar.gz 文件复制到远程服务器并将其解压缩到远程服务器上的特定目录中.

I am working on an ansible playbook which copies my tasks.tar.gz file to remote servers and uncompress it into a particular directory on remote servers.

我在 machineA 上以用户 david 运行我的剧本，所以我从 machineA 添加了 david 用户的公钥> 到所有远程服务器的 authorized_key 文件，以便我无需输入密码就可以 ssh，因为我想无密码地运行我的 ansible playbook.

I am running my playbook on machineA as user david so I added public key of david user from machineA to all the remote servers authorized_key file so that I can ssh without typing my password because I want to run my ansible playbook passwordless.

---
- hosts: ALL
  serial: 3
  tasks:
      - name: copy and untar latest tasks.tar.gz file
        unarchive: src=tasks.tar.gz dest=/data/files/tasks/

      - name: sleep for few seconds
        pause: seconds=20

现在我遇到的问题是因为远程服务器上的这个/data/files/tasks/"目录属于其他用户(goldy)所以它不能复制和解压缩tasks.tar.gz 文件，因为我想我以 david 用户身份运行我的剧本.

Now problem I am having is since this "/data/files/tasks/" directory on remote servers belongs to some other user (goldy) so it can't copy and uncompress tasks.tar.gz file because I am running my playbook as david user I guess.

ansible-playbook -e 'host_key_checking=False' test2.yml

我想以无密码用户 david 的身份运行我的 ansible playbook，但它应该能够将文件复制到属于用户 goldy 的目录中的所有远程服务器.我尝试使用 become 和 become_user 但它对我不起作用.还有什么我需要做的吗?

I want to run my ansible playbook as user david passwordless but it should be able to copy files into all the remote servers in a directory which belongs to user goldy. I tried playing with become and become_user but it didn't worked for me. Is there anything else I need to do?

  - name: copy and untar latest tasks.tar.gz file
    unarchive: src=tasks.tar.gz dest=/data/files/tasks/
    become: true
    become_user: goldy
    become_method: sudo

这是我得到的错误:

"msg": "Failed to set permissions on the temporary files Ansible needs to create when becoming an unprivileged user (rc: 1, err: chown: changing ownership of ‘/tmp/ansible-tmp-1518323151.21-195554555527544/’: Operation not permitted\nchown: changing ownership of ‘/tmp/ansible-tmp-1518323151.21-195554555527544/stat.py’: Operation not permitted\n}).

推荐答案

既然您暗示已为连接用户 david 配置了 sudo，那么您可以做的最简单的事情就是使用提升的权限来复制文件并通过 unarchive 模块的 owner 参数将其所有权设置为 goldy:

Since you hint on having sudo configured for your connecting user david, the simplest thing you can do is use elevated permissions to copy the file and set its an ownership to goldy through owner parameter of the unarchive module:

- name: copy and untar latest tasks.tar.gz file
  unarchive:
    src: tasks.tar.gz
    dest: /data/files/tasks/
    owner: goldy
  become: true

关于如何配置 sudoers 以允许代表 root 以外的用户执行命令的问题，您需要了解 sudo 和 sudoers 实际工作(参见手册).

For the question of how to configure sudoers to allow for executing commands on behalf of a user other than root, you need to learn how sudo and sudoers actually work (see the manual).

这篇关于将文件复制到远程服务器但位于属于其他用户的目录中?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！