问题描述
我正在使用ansible剧本(可使用2.9版)通过wp-cli工具安装wordpress。
这是剧本:
- name: Create wordpress database
MysqL_db: name="{{ db_name }}"
state=present
login_user=root
login_password="{{ MysqL_root_password }}"
- name: Create wordpress DB user and grant permissions to wordpress DB
MysqL_user: name="{{ db_user }}"
password="{{ db_pwd }}"
priv="{{ db_name }}.*:ALL"
state=present
login_user="root"
login_password="{{ MysqL_root_password }}"
- name: Is wordpress downloaded?
stat: path="/var/www/{{ domain_name }}/html/index.PHP"
register: wp_dir
- name: Download wordpress
command: wp core download
args:
chdir: "/var/www/{{ domain_name }}/html/"
remote_user: "{{ web_user }}"
when: wp_dir.stat.isdir is not defined
- name: Configure wordpress
command: wp core config
--path="/var/www/{{ domain_name }}/html"
--dbname="{{ db_name }}"
--dbuser="{{ db_user }}"
--dbpass="{{ db_pwd }}"
--dbprefix="{{ db_prefix }}"
remote_user: "{{ web_user }}"
when: wp_dir.stat.isdir is not defined
- name: Is wordpress installed?
command: wp core is-installed
args:
chdir: "/var/www/{{ domain_name }}/html/"
register: wordpress_is_installed
ignore_errors: True
remote_user: "{{ web_user }}"
- name: Install wordpress tables
command: wp core install
--url="{{ wp_home_url }}"
--title="{{ wp_site_title }}"
--admin_user="{{ wp_admin_user }}"
--admin_password="{{ wp_admin_pwd }}"
--admin_email="{{ wp_admin_email }}"
args:
chdir: "/var/www/{{ domain_name }}/html/"
when: wordpress_is_installed|Failed
remote_user: "{{ web_user }}"
“错误:YIKES!您似乎是以root身份运行此文件。您可能打算以wordpress安装所在的用户身份运行它。”
我以sudo用户(主机文件中的“ ansible_user”)运行剧本。而且我还设置了一个额外的用户来管理wordpress设置(remote_user:“ {{web_user}}”)。
任何帮助将不胜感激!
解决方法
在任务中,您需要使用become和become_user代替remote_user,如下所示:
- name: Download WordPress
command: wp core download
args:
chdir: "/var/www/{{ domain_name }}/html/"
become: yes
become_user: "{{ web_user }}"
when: wp_dir.stat.isdir is not defined
现在运行相同代码时出现不同的错误:
FAILED! => {"msg": "Failed to set permissions on the temporary files Ansible needs to create when becoming an unprivileged user (rc: 1,err: chown: changing ownership of '/var/tmp/ansible-tmp-1613648876.307028-8235-221563540981220/': Operation not permitted\nchown: changing ownership of '/var/tmp/ansible-tmp-1613648876.307028-8235-221563540981220/AnsiballZ_command.py': Operation not permitted\n}). For information on working around this,see https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user"}
我将 Ansible 更新到最新可用版本 (2.10)。
到目前为止我发现的唯一解决方案是将 allow_world_readable_tmpfiles = Yes 添加到 ansible.cfg 文件...
有什么想法吗?
谢谢