Мобильная версия В настоящее время я использую RHEL-System-Roles-1.23.0-2.21.el8.noarch, несмотря на мои усилия, роль всегда пытается установить брандмауэр.
Это кажется, что Ansible_facts не очень хороший путь к моему include_role. Если брандмалд не используется, роль будет установлена (если не будет установлена), разоблачить и включить FireWalld. />https://github.com/linux-system-roles/f ... ymlобразно PrettyPrint-Override "> - name: Gather only required firewall facts
setup:
gather_subset:
- '!all'
- '!min'
- python_version
- service_mgr
- name: Mock package
set_fact:
__firewall_packages_base: []
- name: Include firewall role
include_role:
name: redhat.rhel_system_roles.firewall
vars:
firewall:
- service: ssh
state: enabled
Я подумал о переоценке роли вручную, добавив переменную, чтобы пропустить задачу установить брандмауэр. /> TASK [firewall : Ensure ansible_facts used by role] ***************************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:2
skipping: [localhost] => {
"changed": false,
"skip_reason": "Conditional result was False"
}
TASK [firewall : Check if system is ostree]
ok: [localhost] => {
"changed": false,
"invocation": {
"module_args": {
"checksum_algorithm": "sha1",
"follow": false,
"get_attributes": true,
"get_checksum": true,
"get_md5": false,
"get_mime": true,
"path": "/run/ostree-booted"
}
},
"stat": {
"exists": false
}
}
TASK [firewall : Set flag to indicate system is ostree] ***********************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:15
ok: [localhost] => {
"ansible_facts": {
"__firewall_is_ostree": false
},
"changed": false
}
TASK [firewall : Install firewalld] *******************************************************************************************************************************
task path: /usr/share/ansible/collections/ansible_collections/redhat/rhel_system_roles/roles/firewall/tasks/firewalld.yml:19
Running dnf
ESTABLISH LOCAL CONNECTION FOR USER: exploit
EXEC /bin/sh -c 'echo ~exploit && sleep 0'
EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108 `" && echo ansible-tmp-1746175176.850642-7862754315108="` echo /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108 `" ) && sleep 0'
Using module file /opt/ansible_venv/lib/python3.6/site-packages/ansible/modules/packaging/os/dnf.py
PUT /home/exploit/.ansible/tmp/ansible-local-3738394t7btox0_/tmpxog9lekc TO /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py
EXEC /bin/sh -c 'chmod u+x /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/ /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py && sleep 0'
EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=mjanqipehlfiikdfmahfqildjkdewgkh] password:" -u root /bin/sh -c '"'"'echo BECOME-SUCCESS-mjanqipehlfiikdfmahfqildjkdewgkh ; /usr/libexec/platform-python /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/AnsiballZ_dnf.py'"'"' && sleep 0'
EXEC /bin/sh -c 'rm -f -r /home/exploit/.ansible/tmp/ansible-tmp-1746175176.850642-7862754315108/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
File "/tmp/ansible_dnf_payload_y1gkrn9h/ansible_dnf_payload.zip/ansible/modules/packaging/os/dnf.py", line 649, in _base
File "/usr/lib/python3.6/site-packages/dnf/base.py", line 400, in fill_sack
self._add_repo_to_sack(r)
File "/usr/lib/python3.6/site-packages/dnf/base.py", line 140, in _add_repo_to_sack
repo.load()
File "/usr/lib/python3.6/site-packages/dnf/repo.py", line 580, in load
raise dnf.exceptions.RepoError(str(e))
fatal: [localhost]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"allow_downgrade": false,
"autoremove": false,
"bugfix": false,
"conf_file": null,
"disable_excludes": null,
"disable_gpg_check": false,
"disable_plugin": [],
"disablerepo": [],
"download_dir": null,
"download_only": false,
"enable_plugin": [],
"enablerepo": [],
"exclude": [],
"install_repoquery": true,
"install_weak_deps": true,
"installroot": "/",
"list": null,
"lock_timeout": 30,
"name": [],
"releasever": null,
"security": false,
"skip_broken": false,
"state": "present",
"update_cache": false,
"update_only": false,
"validate_certs": true
}
},
"msg": "Failed to download metadata for repo 'appstream_local': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried",
"rc": 1,
"results": []
}
Подробнее здесь: https://stackoverflow.com/questions/796 ... -firewalld
Ansible Rhel-System-Roles-FireWalld всегда пытается установить брандмалд ⇐ Linux
-
- Похожие темы
- Ответы
- Просмотры
- Последнее сообщение
-
-
Ansible не может найти nodejs и npm, установленные с помощью FNM на Linux-сервере RHEL
Anonymous » » в форуме Linux - 0 Ответы
- 38 Просмотры
-
Последнее сообщение Anonymous
-
