ansible-middleware/keycloak

keycloak_quarkus: Permissions issue on controller-side install package

Closed this issue · 1 comments

aph3rson commented
SUMMARY

When installing onto a remote node, the locally-created ZIP file appears to be created as root.
It's unclear why this is the case - Ansible is not running as root on the controller node.

ISSUE TYPE
  • Bug Report
ANSIBLE VERSION
ansible [core 2.15.5]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.10/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True
COLLECTION VERSION
# /home/ubuntu/.ansible/collections/ansible_collections
Collection                     Version
------------------------------ -------
community.general              7.5.0  
freeipa.ansible_freeipa        1.11.1 
middleware_automation.common   1.1.4  
middleware_automation.keycloak 1.3.0
STEPS TO REPRODUCE
- name: Provision Keycloak
  hosts: keycloak
  # We gather facts after our VM comes up
  gather_facts: false
  tasks:
    - name: Wait for SSH connectivity
      ansible.builtin.wait_for_connection:
    - name: Gathering Facts
      ansible.builtin.setup:
    - name: Install QEMU Guest Agent
      become: true
      ansible.builtin.yum:
        name:
          - qemu-guest-agent
    - name: Install Keycloak
      vars:
        keycloak_quarkus_admin_pass: "{{ lookup('ansible.builtin.password', hostvars.localhost.keycloak_dir.path + '/keycloak_admin_password') }}"
      ansible.builtin.include_role:
        name: middleware_automation.keycloak.keycloak_quarkus
EXPECTED RESULTS

I expected the installation to continue.

ACTUAL RESULTS

The installation fails, with a permissions issue on the locally-copied ZIP file.
The file itself is owned by root:root.

TASK [middleware_automation.keycloak.keycloak_quarkus : Copy archive to target nodes] ***
fatal: [keycloak]: FAILED! => {"msg": "an error occurred while trying to read the file '/home/ubuntu/keycloak-22.0.3.zip': [Errno 13] Permission denied: b'/home/ubuntu/keycloak-22.0.3.zip'. [Errno 13] Permission denied: b'/home/ubuntu/keycloak-22.0.3.zip'"}
guidograzioli commented

Hello and thanks for reporting; I tried to reproduce the problem several times, but the download was always owned by the user running the playbook on the controller host. Did you try to delete the file and re-run? Can you provide the output of the playbook up the error while passing -vvv to ansible-playbook?