为什么Ansible不能像sudo用户那样运行Pip？

Question

我有一本确保所有要求都在本地安装的手册。我使用ansible 2.0.0

ansible-playbook site.yml -i staging 

site.yml：

--- 
    - hosts: localhost 
    become: yes 
    become_user: "{{ sudo_user }}" 
    connection: local 

    vars_files: 
     - vars/main.yml 

    roles: 
     - do 

sudo_user在瓦尔surfer190。

做/任务/ main.yml：

- name: make sure everything is installed 
    apt: name={{item}} state=installed 
    with_items: 
    - python-apt 
    - python-pycurl 
    - python-pip 
    - python-setuptools 

- name: Install dopy 
    pip: name={{ item }} 
    with_items: 
    - virtualenv 
    - dopy 
    - passlib 

我得到以下错误：

failed: [localhost] => (item=passlib) => {"cmd": "/usr/local/bin/pip install passlib", "failed": true, "invocation": {"module_args": {"name": "passlib"}, "module_name": "pip"}, "item": "passlib", "msg": "stdout: Collecting passlib\n Using cached passlib-1.6.5-py2.py3-none-any.whl\nInstalling collected packages: passlib\n\n:stderr: Exception:\nTraceback (most recent call last):\n File \"/usr/local/lib/python2.7/dist-packages/pip/basecommand.py\", line 211, in main\n status = self.run(options, args)\n File \"/usr/local/lib/python2.7/dist-packages/pip/commands/install.py\", line 311, in run\n root=options.root_path,\n File \"/usr/local/lib/python2.7/dist-packages/pip/req/req_set.py\", line 646, in install\n **kwargs\n File \"/usr/local/lib/python2.7/dist-packages/pip/req/req_install.py\", line 803, in install\n self.move_wheel_files(self.source_dir, root=root)\n File \"/usr/local/lib/python2.7/dist-packages/pip/req/req_install.py\", line 998, in move_wheel_files\n isolated=self.isolated,\n File \"/usr/local/lib/python2.7/dist-packages/pip/wheel.py\", line 339, in move_wheel_files\n clobber(source, lib_dir, True)\n File \"/usr/local/lib/python2.7/dist-packages/pip/wheel.py\", line 310, in clobber\n ensure_dir(destdir)\n File \"/usr/local/lib/python2.7/dist-packages/pip/utils/__init__.py\", line 71, in ensure_dir\n os.makedirs(path)\n File \"/usr/lib/python2.7/os.py\", line 157, in makedirs\n mkdir(name, mode)\nOSError: [Errno 13] Permission denied: '/usr/local/lib/python2.7/dist-packages/passlib'\n"} 

这基本上是一个permission denied。所以它没有使用sudo运行命令。正如我尝试sudo pip install passlib，它的工作原理。

即使我使用-k运行并输入sudo密码，它也不起作用。请注意，surfer190用户需要密码才能sudo。

我在做什么错？

Answer 1

因此，它看起来像你需要的最低配置为：

--- 
    - hosts: localhost 
    become: yes 
    become_user: "{{ sudo_user }}" 
    connection: local 

    vars_files: 
     - vars/main.yml 

    roles: 
     - ... 

所以become_user需要是可以须藤没有通，我认为用户。 如果没有become_user它将失败：

failed: [localhost] => (item=passlib) => {"failed": true, "item": "passlib", "parsed": false} 
[sudo via ansible, key=sgidbrejgqoibeozxncyhixnwsukxjbe] password: 

Answer 2

添加“须藤：是”安装dopy任务

- name: make sure everything is installed 
    apt: name={{item}} state=installed 
    with_items: 
    - python-apt 
    - python-pycurl 
    - python-pip 
    - python-setuptools 

- name: Install dopy 
    pip: name={{ item }} 
    with_items: 
    - virtualenv 
    - dopy 
    - passlib 
    sudo: yes 

如果您发现该剧本的执行，同时执行任务挂起，那么很可能是对须藤passoword ansible等待，但没有你可以输入密码的方式。有办法解决这个问题。更新以下指定部分位于你的sudoers文件“的/ etc/sudoers文件”

# Allow members of group sudo to execute any command 
%sudo ALL=(ALL:ALL) ALL 
yourusername ALL=NOPASSWD: ALL 

要小心，在编辑/ etc/sudoers文件，具有不正确的项可能会阻止您以后再登录到服务器。