Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Variable set to 0755 in a list gets interpreted as 493 (mode must be in octal or symbolic form) #31952

Closed
ahuffman opened this issue Oct 19, 2017 · 3 comments
Closed

Variable set to 0755 in a list gets interpreted as 493 (mode must be in octal or symbolic form) #31952

ahuffman opened this issue Oct 19, 2017 · 3 comments
Labels
affects_2.3 This issue/PR affects Ansible v2.3 bug This issue/PR relates to a bug. support:core This issue/PR relates to code supported by the Ansible Engineering Team.

Comments

@ahuffman
Copy link
Contributor

ISSUE TYPE
  • Bug Report
  • Feature Idea
  • Documentation Report
COMPONENT NAME

ansible-playbook

ANSIBLE VERSION
ansible 2.3.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.5 (default, May  3 2017, 07:55:04) [GCC 4.8.5 20150623 (Red Hat 4.8.5-14)]
CONFIGURATION

host_key_checking = False

OS / ENVIRONMENT

Ansible control server: Red Hat Enterprise Linux Server release 7.4 (Maipo)
Node: Red Hat Enterprise Linux Server release 7.4 (Maipo)

SUMMARY

I have a variable that is a list. Within that list I have a a value called mount_mode set to 0755. When iterating through the list in a loop (with_items) the 0755 value gets interpreted as 493. The only work-around I found is to wrap the 0755 with single-quotes. If I place a variable outside of the list called mode with value 0755 and refer to it in the loop, the 0755 gets interpreted properly without single-quotes.

STEPS TO REPRODUCE
- hosts: servers
  vars:
    lvm_lvs:
      - name: Data Volume
        vg: vg_myvg1
        lv: lv_data
        size: 25g
        mount: /data/mydata
        mount_owner: root
        mount_group: root
        mount_mode: 0755
        mount_dump: 1
        mount_passno: 2
        mount_opts: defaults
        fstype: xfs
  roles:
    - { role: lvm }
#Set permissions on mount points
- name: Ensure mount point has desired permissions
  file:
    path: "{{ item.mount }}"
    owner: "{{ item.mount_owner }}"
    group: "{{ item.mount_group }}"
    mode: "{{ item.mount_mode }}"
  with_items: "{{ lvm_lvs }}"
EXPECTED RESULTS

{{ item.mount_mode }} should be interpreted as 0755, but instead it gets interpreted as 493.

ACTUAL RESULTS
TASK [lvm : Ensure mount point has desired permissions] ****************************************************************************************************************
task path: /home/TESTNET/ap574009/rhel5-eol/migrate_9306/roles/lvm/tasks/main.yml:40
Using module file /usr/lib/python2.7/site-packages/ansible/modules/files/file.py
<rhel5_test7> ESTABLISH SSH CONNECTION FOR USER: ap574009
<rhel5_test7> SSH: EXEC sshpass -d12 ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=ap574009 -o ConnectTimeout=30 -o ControlPath=/home/TESTNET/ap574009/.ansible/cp/1049f838b2 rhel5_test7 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel5_test7> (0, '/home/TESTNET/ap574009\n', 'OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 1655\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<rhel5_test7> ESTABLISH SSH CONNECTION FOR USER: ap574009
<rhel5_test7> SSH: EXEC sshpass -d12 ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=ap574009 -o ConnectTimeout=30 -o ControlPath=/home/TESTNET/ap574009/.ansible/cp/1049f838b2 rhel5_test7 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447 `" && echo ansible-tmp-1508446533.04-211671926774447="` echo /home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447 `" ) && sleep 0'"'"''
<rhel5_test7> (0, 'ansible-tmp-1508446533.04-211671926774447=/home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447\n', 'OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 1655\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<rhel5_test7> PUT /tmp/tmptaK6vo TO /home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447/file.py
<rhel5_test7> SSH: EXEC sshpass -d12 sftp -o BatchMode=no -b - -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=ap574009 -o ConnectTimeout=30 -o ControlPath=/home/TESTNET/ap574009/.ansible/cp/1049f838b2 '[rhel5_test7]'
<rhel5_test7> (0, 'sftp> put /tmp/tmptaK6vo /home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447/file.py\n', 'OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 1655\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug2: Remote version: 3\r\ndebug2: Server supports extension "posix-rename@openssh.com" revision 1\r\ndebug2: Server supports extension "statvfs@openssh.com" revision 2\r\ndebug2: Server supports extension "fstatvfs@openssh.com" revision 2\r\ndebug2: Server supports extension "hardlink@openssh.com" revision 1\r\ndebug2: Server supports extension "fsync@openssh.com" revision 1\r\ndebug3: Sent message fd 6 T:16 I:1\r\ndebug3: SSH_FXP_REALPATH . -> /home/TESTNET/ap574009 size 0\r\ndebug3: Looking up /tmp/tmptaK6vo\r\ndebug3: Sent message fd 6 T:17 I:2\r\ndebug3: Received stat reply T:101 I:2\r\ndebug1: Couldn\'t stat remote file: No such file or directory\r\ndebug3: Sent message SSH2_FXP_OPEN I:3 P:/home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447/file.py\r\ndebug3: Sent message SSH2_FXP_WRITE I:4 O:0 S:32768\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: In write loop, ack for 4 32768 bytes at 0\r\ndebug3: Sent message SSH2_FXP_WRITE I:5 O:32768 S:28758\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: In write loop, ack for 5 28758 bytes at 32768\r\ndebug3: Sent message SSH2_FXP_CLOSE I:4\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<rhel5_test7> ESTABLISH SSH CONNECTION FOR USER: ap574009
<rhel5_test7> SSH: EXEC sshpass -d12 ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=ap574009 -o ConnectTimeout=30 -o ControlPath=/home/TESTNET/ap574009/.ansible/cp/1049f838b2 rhel5_test7 '/bin/sh -c '"'"'chmod u+x /home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447/ /home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447/file.py && sleep 0'"'"''
<rhel5_test7> (0, '', 'OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 1655\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<rhel5_test7> ESTABLISH SSH CONNECTION FOR USER: ap574009
<rhel5_test7> SSH: EXEC sshpass -d12 ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=ap574009 -o ConnectTimeout=30 -o ControlPath=/home/TESTNET/ap574009/.ansible/cp/1049f838b2 -tt rhel5_test7 '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-pxllydjcdclgergkezgvynrsosfwocjq; /usr/bin/python /home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447/file.py; rm -rf "/home/TESTNET/ap574009/.ansible/tmp/ansible-tmp-1508446533.04-211671926774447/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel5_test7> (0, '\r\n{"group": "root", "uid": 0, "mode": "0755", "failed": true, "state": "directory", "gid": 0, "secontext": "system_u:object_r:unlabeled_t:s0", "details": "bad symbolic permission for mode: 493", "invocation": {"module_args": {"directory_mode": null, "force": false, "remote_src": null, "path": "/data/mydata", "owner": "root", "follow": false, "group": "root", "unsafe_writes": null, "state": null, "content": null, "serole": null, "diff_peek": null, "setype": null, "selevel": null, "original_basename": null, "regexp": null, "validate": null, "src": null, "seuser": null, "recurse": false, "delimiter": null, "mode": "493", "attributes": null, "backup": null}}, "owner": "root", "path": "/data/mydata", "size": 6, "msg": "mode must be in octal or symbolic form"}\r\n', 'OpenSSH_7.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 1655\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\nShared connection to rhel5_test7 closed.\r\n')
Using module file /usr/lib/python2.7/site-packages/ansible/modules/files/file.py
<rhel5_test7> ESTABLISH SSH CONNECTION FOR USER: ap574009
<rhel5_test7> SSH: EXEC sshpass -d12 ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=ap574009 -o ConnectTimeout=30 -o ControlPath=/home/TESTNET/ap574009/.ansible/cp/1049f838b2 rhel5_test7 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
failed: [rhel5_test7] (item={u'name': u'Data Volume', u'vg': u'vg_myvg1', u'mount_group': u'root', u'mount': u'/data/mydata', u'fstype': u'xfs', u'lv': u'lv_data', u'mount_owner': u'root', u'mount_mode': 493, u'mount_dump': 1, u'mount_passno': 2, u'mount_opts': u'defaults', u'size': u'25g'}) => {
    "details": "bad symbolic permission for mode: 493",
    "failed": true,
    "gid": 0,
    "group": "root",
    "invocation": {
        "module_args": {
            "attributes": null,
            "backup": null,
            "content": null,
            "delimiter": null,
            "diff_peek": null,
            "directory_mode": null,
            "follow": false,
            "force": false,
            "group": "root",
            "mode": "493",
            "original_basename": null,
            "owner": "root",
            "path": "/data/mydata",
            "recurse": false,
            "regexp": null,
            "remote_src": null,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": null,
            "state": null,
            "unsafe_writes": null,
            "validate": null
        }
    },
    "item": {
        "fstype": "xfs",
        "lv": "lv_data",
        "mount": "/data/mydata",
        "mount_dump": 1,
        "mount_group": "root",
        "mount_mode": 493,
        "mount_opts": "defaults",
        "mount_owner": "root",
        "mount_passno": 2,
        "name": "Data Volume",
        "size": "25g",
        "vg": "vg_myvg1"
    },
    "mode": "0755",
    "msg": "mode must be in octal or symbolic form",
    "owner": "root",
    "path": "/data/mydata",
    "secontext": "system_u:object_r:unlabeled_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}
@ansibot ansibot added affects_2.3 This issue/PR affects Ansible v2.3 bug_report needs_triage Needs a first human triage before being processed. support:core This issue/PR relates to code supported by the Ansible Engineering Team. labels Oct 19, 2017
@sivel
Copy link
Member

sivel commented Oct 19, 2017
edited

The problem is that you define as an octal first, which is good, however pyyaml converts that to an int, which is ok too. But later when you use "{ item.mount_mode }}" that value is then converted to a string of "493". Python assumes that string values are octals, so you are now getting into a problem.

You should start off just quoting the mode to make it "0755" and things should just work.

@ahuffman
Copy link
Contributor Author

@sivel I discovered by trial and error that quoting the value fixes the problem. What I don't understand is that if I set a variable called mode: 0755 outside of the list and then reference it in the loop it does not have the same issue. The loop would then look like:

#Set permissions on mount points
- name: Ensure mount point has desired permissions
  file:
    path: "{{ item.mount }}"
    owner: "{{ item.mount_owner }}"
    group: "{{ item.mount_group }}"
    mode: "{{ mode }}"
  with_items: "{{ lvm_lvs }}"

@sivel
Copy link
Member

sivel commented Oct 19, 2017

It's indeed a complicated issue, and one we are actively working on trying to solve (pallets/jinja#708)

The short of the problem, is that jinja (the templating language/module we use) only has the ability to return strings. We can sometimes get around that and make inferences, but not always.

When that variable is part of the list/array that you are looping over in with_items you are sending it through jinja templating again, and our ability to infer the type is unreliable.

If you have further questions please stop by IRC or the mailing list:

@sivel sivel closed this as completed Oct 19, 2017
@mkrizek mkrizek removed the needs_triage Needs a first human triage before being processed. label Oct 20, 2017
@sivel sivel mentioned this issue Oct 31, 2017
Closed
@ansibot ansibot added bug This issue/PR relates to a bug. and removed bug_report labels Mar 7, 2018
@mohag mohag mentioned this issue Jul 10, 2018
Closed
gozer-gerrit pushed a commit to ArdanaCLM/nova-ansible that referenced this issue Aug 6, 2018
Bypass setting hugepage directory file permissions (bsc#1092431)
915f9b6 
There seems to be a defect/problem in ansible which
prevents it from using the mode option in the file module.
A quick search on "mode must be in octal or symbolic form"
turn up examples like:

ansible/ansible#31952

The "mode" option is not required at
thispoint in the installation (nova deployment),
because the directory already has the correct mode
from os-config section of the installation. Thus
setting the hugepage directories file permissions
can be bypassed.

Change-Id: Ie19c5b655ad61ccbfba28ff8f0ad7c462e6b573b
@ansible ansible locked and limited conversation to collaborators Apr 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
affects_2.3 This issue/PR affects Ansible v2.3 bug This issue/PR relates to a bug. support:core This issue/PR relates to code supported by the Ansible Engineering Team.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@sivel @mkrizek @ahuffman @ansibot