Bug in 0.4: Playbook with non-root user play after a root-user play fails with permissions errors

I encountered the following today with ansible 0.4. Here’s a section of my playbook:

• hosts: dev

user: root
tasks:

• include: tasks/yum_common.yml

• include: tasks/cpan_common.yml

• include: tasks/users_common.yml

• hosts: dev

user: jbcsys
tasks:

• include: tasks/install_wordpress.yml

The first play runs fine, but I get the following error when the second play is being run:

PLAY [dev] ****************************

SETUP PHASE ****************************

fatal: [dev] => failed to parse: Traceback (most recent call last):

File “//home/jbcsys/.ansible/tmp/ansible.Zan2Lf/setup”, line 386, in

f = open(ansible_file, “w+”)

IOError: [Errno 13] Permission denied: u’/etc/ansible/setup’
/Traceback (most recent call last):

File “//home/jbcsys/.ansible/tmp/ansible.Zan2Lf/setup”, line 386, in

f = open(ansible_file, “w+”)

IOError: [Errno 13] Permission denied: u’/etc/ansible/setup’
/setup {
“branch”: “master”,
“db_host”: “dev”,
“group_names”: [
“ungrouped”
],
“inventory_hostname”: “dev”,
“ip_address”: “209.151.236.32”,
“jbcsysroot”: “/home/jbcsys/live”,
“metadata”: “/etc/ansible/setup”,
“package_state”: “latest”,
“www_hostname”: “dev”
}
fatal: [dev] => failed to parse: Traceback (most recent call last):

File “//home/jbcsys/.ansible/tmp/ansible.Zan2Lf/setup”, line 386, in

f = open(ansible_file, “w+”)

IOError: [Errno 13] Permission denied: u’/etc/ansible/setup’
/Traceback (most recent call last):

File “//home/jbcsys/.ansible/tmp/ansible.Zan2Lf/setup”, line 386, in

f = open(ansible_file, “w+”)

IOError: [Errno 13] Permission denied: u’/etc/ansible/setup’
/setup {
“branch”: “master”,
“db_host”: “dev”,
“group_names”: [
“ungrouped”
],
“inventory_hostname”: “dev”,
“ip_address”: “209.151.236.32”,
“jbcsysroot”: “/home/jbcsys/live”,
“metadata”: “/etc/ansible/setup”,
“package_state”: “latest”,
“www_hostname”: “dev”
}

TASK: [expand wordpress installs from extern/wordpress] *********

no hosts matched or remaining

[John again]

Interestingly, if I create a separate playbook that only contains that second play, I can run it with ansible-playbook without a problem. The issue appears to be specific to my attempting to run a play as a non-root user, after running a play against the same host as the root user in the same playbook. At least, that’s my interpretation of what I’m seeing.

It seems somewhat similar to this issue:

https://github.com/ansible/ansible/issues/353

…though I have the fix for that issue in my ansible code, and it is not helping in this case.

I can just use a workaround of using separate playbooks and wrapping them in a shell script, which I was doing already to workaround the issue with being unable to include playbooks within other playbooks. But it seems like the sort of thing that shouldn’t be happening.

I did some poking around to try to figure out more specifically what the problem was, but I’m not much of a python guy, and so far have not been able to track it down.

John

You're not showing the full playbook in this email so it's hard to say, but when not using the root user the code is *supposed* to not use /etc/ansible/setup as the metadata location.

If you can work the playbook down to the minimal example and paste it contiguously, that would be useful.

--Michael

Sorry about that. Here’s a minimal version with the full playbook that demonstrates the issue:

Thanks, that will be very useful. Please make sure this is filed in
github so we can keep track of open issues.

--Michael

I’ve created an issue now. See:

https://github.com/ansible/ansible/issues/440

Thanks.

John

Fixed on devel branch.

SETUP_CACHE wasn't being reset between plays.