Problem solved.
The ansible filesystem, containing all the playbooks, was mounted on mountpoint /ansible. /home/ansible/ansible was a symbolic link to /ansible.
We removed the symbolic link, unmounted the /ansible filesystem en changed the mountpoint of that filesystem to /home/ansible/ansible. After mounting the filesystem on the new mountpoint, everything is working as it should.
------------------------------
Philip Krab
------------------------------
Original Message:
Sent: Thu February 10, 2022 11:12 AM
From: Philip Krab
Subject: Running ansible-playbook as non-root failed
The directory, /ansible/base, is there. Otherwise the playbook won't run at all is my guess.
The user that is running the playbook is owner of the /ansible directory and all of the sub-directories of /ansible.
The become_user is root.
The python messages in my original post show up even before the playbook is being started.
------------------------------
Philip Krab
Original Message:
Sent: Thu February 10, 2022 09:23 AM
From: Stephen Ulmer
Subject: Running ansible-playbook as non-root failed
Is it possible that the current directory (the PWD from which you're running ansible-playbook) was deleted, or that either the running UID or the become_user doesn't have permission to stat that directory? Note that if you're using (or not using) "become" and you delegate_to: localhost, you're still going to switch (or not) UIDs unless you decorate that specific task with it's own "become:".
Maybe?
--
Stephen L. Ulmer
Enterprise Architect
Mainline Information Systems
(m) 352-870-8649
Original Message:
Sent: 2/10/2022 3:50:00 AM
From: Philip Krab
Subject: Running ansible-playbook as non-root failed
Hi all,
I recently migrated our AIX repository server (NIM and Toolbox) from AIX 7.2 to AIX 7.3. Curious as I was how Ansible would perform on the AIX platform, I installed ansible.noarch 2.9.14-1.
When running playbooks through the root user everything works fine. When running the same playbooks through a non-root user (ansible) I get the following error:
Traceback (most recent call last):
File "/usr/bin/ansible-playbook", line 62, in <module>
import ansible.constants as C
File "/opt/freeware/lib/python3.7/site-packages/ansible/constants.py", line 174, in <module>
config = ConfigManager()
File "/opt/freeware/lib/python3.7/site-packages/ansible/config/manager.py", line 283, in __init__
self._config_file = find_ini_config_file(self.WARNINGS)
File "/opt/freeware/lib/python3.7/site-packages/ansible/config/manager.py", line 240, in find_ini_config_file
potential_paths.append(unfrackpath("~/.ansible.cfg", follow=False))
File "/opt/freeware/lib/python3.7/site-packages/ansible/utils/path.py", line 55, in unfrackpath
b_basedir = to_bytes(os.getcwd(), errors='surrogate_or_strict')
PermissionError: [Errno 13] Permission denied
The user ansible is member of the group ansible. For the group ansible I created a file /etc/sudoers.d/ansible with the following content:
%ansible ALL=(ALL) NOPASSWD: ALL
In /etc/ansible/ansible.cfg the privilege escalation section looks like this:
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
We have the same construction on our Red Hat 8.5 Ansible server and on that server everything works flawless.
Any ideas would be welcome?
Regards,
Philip.
------------------------------
Philip Krab
------------------------------