Мобильная версия В настоящее время я использую RHEL-System-Roles-1.23.0-2.21.el8.noarch, несмотря на мои усилия, роль всегда пытается установить брандмауэр.
Это кажется, что Ansible_facts не очень хороший путь к моему include_role. Если брандмалд не используется, роль будет установлена (если не будет установлена), разоблачить и включить FireWalld. />https://github.com/linux-system-roles/f ... ymlобразно PrettyPrint-Override "> - name: Gather only required firewall facts
setup:
gather_subset:
- '!all'
- '!min'
- python_version
- service_mgr
- name: Mock package
set_fact:
__firewall_packages_base: []
- name: Include firewall role
include_role:
name: redhat.rhel_system_roles.firewall
vars:
firewall:
- service: ssh
state: enabled
Я подумал о переоценке роли вручную, добавив переменную, чтобы пропустить задачу установить брандмауэр. /> TASK [firewall : Ensure ansible_facts used by role] ***************************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:2
skipping: [localhost] => {
"changed": false,
"skip_reason": "Conditional result was False"
}
TASK [firewall : Check if system is ostree]
ok: [localhost] => {
"changed": false,
"invocation": {
"module_args": {
"checksum_algorithm": "sha1",
"follow": false,
"get_attributes": true,
"get_checksum": true,
"get_md5": false,
"get_mime": true,
"path": "/run/ostree-booted"
}
},
"stat": {
"exists": false
}
}
TASK [firewall : Set flag to indicate system is ostree] ***********************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:15
ok: [localhost] => {
"ansible_facts": {
"__firewall_is_ostree": false
},
"changed": false
}
TASK [firewall : Install firewalld] *******************************************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:19
Running dnf
ESTABLISH LOCAL CONNECTION FOR USER: exploit
EXEC /bin/sh -c 'echo ~exploit && sleep 0'
EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108 `" && echo ansible-tmp-1746175176.850642-7862754315108="` echo /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108 `" ) && sleep 0'
Using module file /opt/ansible_venv/lib/python3.6/site-packages/ansible/modules/packaging/os/dnf.py
PUT /home/exploit/.ansible/tmp/ansible-local-3738394t7btox0_/tmpxog9lekc TO /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py
EXEC /bin/sh -c 'chmod u+x /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/ /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py && sleep 0'
EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=mjanqipehlfiikdfmahfqildjkdewgkh] password:" -u root /bin/sh -c '"'"'echo BECOME-SUCCESS-mjanqipehlfiikdfmahfqildjkdewgkh ; /usr/libexec/platform-python /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py'"'"' && sleep 0'
EXEC /bin/sh -c 'rm -f -r /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
File "/tmp/ansible_dnf_payload_y1gkrn9h/ansible_dnf_payload.zip/ansible/modules/packaging/os/dnf.py", line 649, in _base
File "/usr/lib/python3.6/site-packages/dnf/base.py", line 400, in fill_sack
self._add_repo_to_sack(r)
File "/usr/lib/python3.6/site-packages/dnf/base.py", line 140, in _add_repo_to_sack
repo.load()
File "/usr/lib/python3.6/site-packages/dnf/repo.py", line 580, in load
raise dnf.exceptions.RepoError(str(e))
fatal: [localhost]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"allow_downgrade": false,
"autoremove": false,
"bugfix": false,
"conf_file": null,
"disable_excludes": null,
"disable_gpg_check": false,
"disable_plugin": [],
"disablerepo": [],
"download_dir": null,
"download_only": false,
"enable_plugin": [],
"enablerepo": [],
"exclude": [],
"install_repoquery": true,
"install_weak_deps": true,
"installroot": "/",
"list": null,
"lock_timeout": 30,
"name": [],
"releasever": null,
"security": false,
"skip_broken": false,
"state": "present",
"update_cache": false,
"update_only": false,
"validate_certs": true
}
},
"msg": "Failed to download metadata for repo 'appstream_local': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried",
"rc": 1,
"results": []
}
Подробнее здесь: https://stackoverflow.com/questions/796 ... -firewalld
Ansible Rhel-System-Roles-FireWalld всегда пытается установить брандмалд ⇐ Linux
1746176003
Anonymous
В настоящее время я использую RHEL-System-Roles-1.23.0-2.21.el8.noarch, несмотря на мои усилия, роль всегда пытается установить брандмауэр.
Это кажется, что Ansible_facts не очень хороший путь к моему include_role. Если брандмалд не используется, роль будет установлена (если не будет установлена), разоблачить и включить FireWalld. />https://github.com/linux-system-roles/firewall/blob/1.7.5/tasks/firewalld.ymlобразно PrettyPrint-Override "> - name: Gather only required firewall facts
setup:
gather_subset:
- '!all'
- '!min'
- python_version
- service_mgr
- name: Mock package
set_fact:
__firewall_packages_base: []
- name: Include firewall role
include_role:
name: redhat.rhel_system_roles.firewall
vars:
firewall:
- service: ssh
state: enabled
Я подумал о переоценке роли вручную, добавив переменную, чтобы пропустить задачу установить брандмауэр. /> TASK [firewall : Ensure ansible_facts used by role] ***************************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:2
skipping: [localhost] => {
"changed": false,
"skip_reason": "Conditional result was False"
}
TASK [firewall : Check if system is ostree]
ok: [localhost] => {
"changed": false,
"invocation": {
"module_args": {
"checksum_algorithm": "sha1",
"follow": false,
"get_attributes": true,
"get_checksum": true,
"get_md5": false,
"get_mime": true,
"path": "/run/ostree-booted"
}
},
"stat": {
"exists": false
}
}
TASK [firewall : Set flag to indicate system is ostree] ***********************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:15
ok: [localhost] => {
"ansible_facts": {
"__firewall_is_ostree": false
},
"changed": false
}
TASK [firewall : Install firewalld] *******************************************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:19
Running dnf
ESTABLISH LOCAL CONNECTION FOR USER: exploit
EXEC /bin/sh -c 'echo ~exploit && sleep 0'
EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108 `" && echo ansible-tmp-1746175176.850642-7862754315108="` echo /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108 `" ) && sleep 0'
Using module file /opt/ansible_venv/lib/python3.6/site-packages/ansible/modules/packaging/os/dnf.py
PUT /home/exploit/.ansible/tmp/ansible-local-3738394t7btox0_/tmpxog9lekc TO /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py
EXEC /bin/sh -c 'chmod u+x /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/ /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py && sleep 0'
EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=mjanqipehlfiikdfmahfqildjkdewgkh] password:" -u root /bin/sh -c '"'"'echo BECOME-SUCCESS-mjanqipehlfiikdfmahfqildjkdewgkh ; /usr/libexec/platform-python /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py'"'"' && sleep 0'
EXEC /bin/sh -c 'rm -f -r /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
File "/tmp/ansible_dnf_payload_y1gkrn9h/ansible_dnf_payload.zip/ansible/modules/packaging/os/dnf.py", line 649, in _base
File "/usr/lib/python3.6/site-packages/dnf/base.py", line 400, in fill_sack
self._add_repo_to_sack(r)
File "/usr/lib/python3.6/site-packages/dnf/base.py", line 140, in _add_repo_to_sack
repo.load()
File "/usr/lib/python3.6/site-packages/dnf/repo.py", line 580, in load
raise dnf.exceptions.RepoError(str(e))
fatal: [localhost]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"allow_downgrade": false,
"autoremove": false,
"bugfix": false,
"conf_file": null,
"disable_excludes": null,
"disable_gpg_check": false,
"disable_plugin": [],
"disablerepo": [],
"download_dir": null,
"download_only": false,
"enable_plugin": [],
"enablerepo": [],
"exclude": [],
"install_repoquery": true,
"install_weak_deps": true,
"installroot": "/",
"list": null,
"lock_timeout": 30,
"name": [],
"releasever": null,
"security": false,
"skip_broken": false,
"state": "present",
"update_cache": false,
"update_only": false,
"validate_certs": true
}
},
"msg": "Failed to download metadata for repo 'appstream_local': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried",
"rc": 1,
"results": []
}
Подробнее здесь: [url]https://stackoverflow.com/questions/79603057/ansible-rhel-system-roles-firewalld-always-trying-to-install-firewalld[/url]
Ответить
1 сообщение
• Страница 1 из 1
Перейти
- Кемерово-IT
- ↳ Javascript
- ↳ C#
- ↳ JAVA
- ↳ Elasticsearch aggregation
- ↳ Python
- ↳ Php
- ↳ Android
- ↳ Html
- ↳ Jquery
- ↳ C++
- ↳ IOS
- ↳ CSS
- ↳ Excel
- ↳ Linux
- ↳ Apache
- ↳ MySql
- Детский мир
- Для души
- ↳ Музыкальные инструменты даром
- ↳ Печатная продукция даром
- Внешняя красота и здоровье
- ↳ Одежда и обувь для взрослых даром
- ↳ Товары для здоровья
- ↳ Физкультура и спорт
- Техника - даром!
- ↳ Автомобилистам
- ↳ Компьютерная техника
- ↳ Плиты: газовые и электрические
- ↳ Холодильники
- ↳ Стиральные машины
- ↳ Телевизоры
- ↳ Телефоны, смартфоны, плашеты
- ↳ Швейные машинки
- ↳ Прочая электроника и техника
- ↳ Фототехника
- Ремонт и интерьер
- ↳ Стройматериалы, инструмент
- ↳ Мебель и предметы интерьера даром
- ↳ Cантехника
- Другие темы
- ↳ Разное даром
- ↳ Давай меняться!
- ↳ Отдам\возьму за копеечку
- ↳ Работа и подработка в Кемерове
- ↳ Давай с тобой поговорим...
