Comments (14)
My team is seeing the same error in our workflow on Ubuntu 18.04. For our use-case, the role executes successfully on a new host, but additional configuration code is changing permissions that is causing the above error on a subsequent run if the installed packages have been changed in any way.
Would it be possible to somehow allow the user of the role to specify to not override become_user
with ansible_user
for installing the necessary packages? For us the error goes away if become_user
is still root
. Connecting as root
is not an option for us.
from ansible-role-bootstrap.
I can confirm that I am also seeing the "This command has to be run under the root user." issue for python3 and sudo on bento/centos-8 and generic/rhel8 via vagrant+virtualbox when just having this role run on a brand new VM. I've tried multiple variations of become_user, become_method, become, bootstrap_user, etc
I keep hitting:
TASK [robertdebock.bootstrap : install bootstrap packages (package)] ***********
Tuesday 01 February 2022 12:07:34 -0600 (0:00:01.214) 0:00:03.702 ******
failed: [vagrant-centos8-starter-role] (item=python3) => changed=false
ansible_loop_var: item
item: python3
msg: This command has to be run under the root user.
results: []
failed: [vagrant-centos8-starter-role] (item=sudo) => changed=false
ansible_loop_var: item
item: sudo
msg: This command has to be run under the root user.
results: []
Edit: I should add this works fine on bento/centos-7
Edit 2: Rolled back to version 5.2.3 and that seems to work fine
from ansible-role-bootstrap.
@robertdebock Nope, it did not. c7cc6d4 Broke it again. I reverted your changes and it fixed it.
from ansible-role-bootstrap.
I'll have a look, sorry for the issue, thanks for the feedback.
from ansible-role-bootstrap.
About the xrdp role; you can prepare a system with the roles listed in the README.md, but you can also prepare a system differently. Most people do prepare a system differently, that's why almost no role use dependencies:
in meta/main.yml
.
About the issue reported; I can't reproduce it. Can I ask you to show me the playbook and variables applicable to reproduce the issue?
Regards, Robert.
from ansible-role-bootstrap.
And; was there ever a version of this role that has worked for you?
from ansible-role-bootstrap.
I'm able to reproduce with a Vagrant environment using the same play configuration from molecule/converge.yml
vagrant init ubuntu/bionic
vagrant up
ansible-playbook -i '127.0.0.1:2200,' --private-key ./.vagrant/machines/default/virtualbox/private_key -b -u vagrant play.yml
It seems like #53 is a related issue, the issue being that your have to be root
to install packages, but the install bootstrap packages (package)
is becoming the remote user. It seems like since the role assumes that sudo
is not available, you have to run as root.
from ansible-role-bootstrap.
Edit: My scenario was a bit different. I had disabled the root
account at (Fedora) installation.
Workaround: enable the root
account, but disable ssh login. So become
uses the sudo
method.
And; was there ever a version of this role that has worked for you?
The golden question! I always suspect selinux... I'm getting this on a fresh Fedora 35 server:
TASK [robertdebock.bootstrap : install bootstrap packages (package)] *********************************************************************************************
failed: [localhost] (item=python3) => {"ansible_loop_var": "item", "changed": false, "item": "python3", "msg": "This command has to be run under the root user.", "results": []}
failed: [localhost] (item=sudo) => {"ansible_loop_var": "item", "changed": false, "item": "sudo", "msg": "This command has to be run under the root user.", "results": []}
from ansible-role-bootstrap.
I'm able to reproduce with a Vagrant environment
Me too. Used the robertdebock.development_environment collection the Vagrant.libvirt with fedora-35.
A workarround was to explicit set become_user to root.
https://github.com/robertdebock/ansible-role-bootstrap/blob/master/tasks/main.yml#L67
from ansible-role-bootstrap.
The difference between master
and 5.2.3
is mostly:
5.2.3 (Working)
vars:
ansible_user: "{{ bootstrap_ansible_user | default(omit) }}"
latest (Broken)
become: yes
become_user: "{{ bootstrap_ansible_user | default(bootstrap_user) }}"
Let me revert that part.
It's difficult to automatically test this; the containers I use are root by default.
from ansible-role-bootstrap.
It's difficult to automatically test this; the containers I use are root by default.
It would make sense to have a specialized Dockerfiles.j2 file for the molecule scenarios to adapt to the vagrant-libvirt based images with a non-priviledged-user. I use it quite frequently in that way to test roles. Was one of the first things I did when testing your roles - switching to official centos/almalinux images which are enhanced and prepared by the molecule docker driver on the fly and even the reuse of already build images ( cached ) works.
see for details:
https://molecule.readthedocs.io/en/latest/examples.html#docker-with-non-privileged-user
from ansible-role-bootstrap.
With version 6.0.0 (released yesterday) this issue should be resolved. Thanks all for helping!
from ansible-role-bootstrap.
Can also confirm on Alma Linux 8
failed: [almalinux8.examle.com] (item=python3) => {"ansible_loop_var": "item", "changed": false, "item": "python3", "msg": "This command has to be run under the root user.", "results": []}
from ansible-role-bootstrap.
This is still broken for RHEL 8. Seems to work fine for CentOS 7 for some reason?
from ansible-role-bootstrap.
Related Issues (20)
- "test if bootstrap_wait_for_host is set correctly" fails HOT 9
- running bootstrap against centos8 fails with "The conditional check 'bootstrap_wait_for_host is boolean' failed" HOT 2
- Error executing on Ubuntu 20.04.1 LTS HOT 7
- OpenSUSE stumbling on python3 HOT 1
- Error on Ubuntu 20.04 - "ERROR! this task 'ansible.builtin.include_tasks' has extra params" HOT 2
- This role is incompatible with ansible 4.0.0 HOT 1
- A system managed by ansible can be Windows or Darwin HOT 1
- Alpine support HOT 12
- Can the bootstrap_user log in without being root? HOT 2
- Impossible to install any package excepting when I am root user. HOT 2
- Unable to bootstrap Ubuntu hirsute HOT 2
- Execution failed: No package matching 'gnupg' is available HOT 2
- At least allow non root bootstrap - root bootstrap default but with override flag HOT 1
- ansible connection local fo Vagrant testing
- install bootstrap packages mkstemp (13: Permission denied) HOT 6
- Alma 8 Failing Bootstrap install bootstrap packages (package)
- Version 5.2.3 is currently unavailable from Ansible Galaxy? HOT 3
- Unable to install latest galaxy version 6.1.2 HOT 3
- README Galaxy role downloads badge fix HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-role-bootstrap.