I just noticed that some unknown folder has been created in my /etc/ansible directory.
Here it is ,
monitoring-server#monitoring-server:/etc/ansible$ ls
[' ansible.cfg hosts java.retry java.yml nginx.retry nginx.yml roles test.retry test.yml
This [' is the folder.
monitoring-server#monitoring-server:/etc/ansible$ ls -l
total 56
drw-r--r-- 3 root root 4096 Jul 27 07:12 ['
I need to be root to open it.
root#monitoring-server:/etc/ansible/['# tree
.
└── opt
└── rsyslog']
2 directories, 0 files
Well, the /opt/rsyslog is one of the directories I made on some remote servers using ansible.
How is this folder created and Why is it created?
Directory tree is ['/opt/rsyslog'] – seems like you mistyped string path as list sometime ago and fed it into module with local host as target.
As long as /etc/ansible also seems to be your working directory (which is really weird practice), path [' / opt / rsyslog'] has been created.
You may safely remove it.
Related
I am creating my dot files following this tutorial. It successfully works for emacs.d.
Since I am using NixOS, I tried doing exactly the same steps with symlink creation for the configuration.nix file. Thus, I did:
1 - On terminal:
[pedro#system:/etc/nixos]$ sudo mv /etc/nixos/configuration.nix ~/.dotfiles/
2 - Then:
[pedro#system:/etc/nixos]$ ln -sf ~/.dotfiles/configuration.nix configuration.nix~
3 - It seems to work fine, as I do:
[pedro#system:/etc/nixos]$ ls -la
total 12
drwxr-xr-x 2 root root 4096 Dec 1 21:41 .
drwxr-xr-x 32 root root 4096 Dec 1 22:00 ..
lrwxrwxrwx 1 root root 39 Dec 1 21:41 configuration.nix~ -> /home/pedro/.dotfiles/configuration.nix
-rw-r--r-- 1 root root 842 Nov 12 17:40 hardware-configuration.nix
After doing some editions and saving the changes, I can't do nixos-rebuild switch, though. It throws an error:
[pedro#system:/etc/nixos]$ sudo nixos-rebuild switch
warning: Nix search path entry '/etc/nixos/configuration.nix' does not exist, ignoring
error: file 'nixos-config' was not found in the Nix search path (add it using $NIX_PATH or -I), at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/default.nix:1:60
(use '--show-trace' to show detailed location information)
building Nix...
warning: Nix search path entry '/etc/nixos/configuration.nix' does not exist, ignoring
error: file 'nixos-config' was not found in the Nix search path (add it using $NIX_PATH or -I), at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/default.nix:1:60
(use '--show-trace' to show detailed location information)
building the system configuration...
warning: Nix search path entry '/etc/nixos/configuration.nix' does not exist, ignoring
error: file 'nixos-config' was not found in the Nix search path (add it using $NIX_PATH or -I), at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/default.nix:1:60
(use '--show-trace' to show detailed location information)
The ~ after configuration.nix~ might be the problem here. How can I fix this?
Thanks!
Your Step 2 seems to have cause the issue here: The symlink should be called configuration.nix not configuration.nix~ as you have noticed.
You could fix this by running mv configuration.nix~ configuration.nix in the /etc/nixos folder which would rename configuration.nix~ to the correct configuration.nix.
I want to set two groups to a directory
app_group
td-agent
If use file module, there is a group attribute can do
- name: Set group to directory
file:
path: /app
group: app_group
state: directory
recurse: true
mode: '0774'
The current permissions like
$ ls -la /app/app1/
drwxrwx---. 5 root app_group 31 Oct 11 14:12 .
drwxr-xr-x. 3 root root 21 May 12 2021 ..
drwxrwx---. 3 app_user app_group 12 Apr 28 13:30 product
But I want to set Fluentd's user group td-group can also read files in /app directory. Like /app/app1/product/001.log. How to do?
If change mode to mode: o+rx, other user can read/execute the directory. Will it change current permission for app_user and app_group?
Since the underlying operating system seems to be Linux, the answer to your question
How to set permission to a directory with multiple groups?
will be you can't do that. At least not in that way. Ansible can configure only what is available.
So you may have a look into the basic concepts of how to manage Linux permissions for users, groups, and others.
In example
Linux group permissions
Granting write permissions to a group to a folder
How does group permissions work?
and maybe put the fluentd user into app_group. An other approach could be introducing Access Control Lists (ACL).
In example
How can I give permissions of files to multiple groups?
Two Groups Separate Permissions, One Directory?
Since Ansible backup feature is questionable a little with lack of configuration. I'm looking into some solution.
Normally in script I would have backup function that you can call with file name and it would copy the file to separate location with changed name.. for example bkp_location = /tmp/backup//
Lets say I want to backup /etc/systemconf/network I pass it to function and it would copy it to backup directory under etc_systemconf_network ( it replace / with _ so we can tell where it come from )
What would be the best solution in Ansible for something like that ? That I could call it in every role etc...
Maybe one backup.yml in root directory and have it include and pass variable ( file name ) to it, would that work ?
Edit:
Backup feature I speak of:
there is an option backup: yes for some modules ( this is shared function between them as far as I know ) but does not offer any modification to what it does.
Like what would be the backup file name, where it would be located... ? so I have to handle that externally... kind of mid-step between.. but seems like include backup.yml and pass variable to it will do the trick.
cat backup.yml
- name: creating backup
copy: src="{{ path_of_file }}" dest="{{ bkp_location }}/backup{{ path_of_file }}{{ contenttoaddwhilebackingup }}" remote_src=true
in running playbook
include: backup.yml
So if you run a playbook like this
ansible-playbook random.yml -e 'bkp_location=/tmp/backup/ path_of_file=/etc/systemconf/network contenttoaddwhilebackingup=26march2021'
It will create backup like this
ls -lrt /etc/systemconf/
-rw-r--r-- 1 root root 2 Mar 25 15:22 network
ls -lrt /tmp/backup/
-rw-r--r-- 1 root root 2 Mar 25 15:22 backupnetwork26march2021
There are couple of folders in the root dir of HDFS:
dir1
subdir1
table1
table2
subdir2
dir2
subdir1
table1
table2
dir3
They all have subfolders that contain different Parquet files that are queried with Hive.
I can't load one of the subfolders (for example table1 inside dir2) even though the permissions look ok to me, I get the EXECUTE error when trying to load it.
The code is running in a Jupyter notebook.
Users are organized in groups.
I've added rwx permissions for the directory in question to the group by using the following command:
hdfs dfs -setfacl -R -m group:user_group:rwx /dir2/subdir2
The error I'm getting looks like this:
Cannot create staging directory 'hdfs://server:8020/dir2/subdir1/table1/.hive-staging_hive_2019-08-01_13-04-22': Permission denied: user=username, access=EXECUTE, inode="/dir2":hdfs:supergroup:drwxrwx---
I've added read and execute permissions on dir2 to the user group but the error persists. It looks to me from this error that somehow the default permissions are applied and they are ---
So, to summarize;
group has read and execute privileges on the root dir, and read, write and execute privileges on the table directories, but it keeps failing with permissions for root directory.
This is how the permissions look:
# file: /dir2
# owner: hdfs
# group: supergroup
user::rwx
user:some_group1:r-x
group::---
group:some_group2:rwx
group:user_group:r-x
group:hive:rwx
group:some_group3:r-x
group:some_group4:r-x
mask::rwx
other::---
default:user::rwx
default:user:some_group1:r-x
default:group::---
default:group:some_group2:rwx
default:group:hive:rwx
default:group:some_group3:r-x
default:group:some_group4:r-x
default:mask::rwx
default:other::---
# file: /dir2/subdir1/table1
# owner: some_user
# group: supergroup
user::rwx
user:some_group1:r-x
group::---
group:some_group2:rwx
group:user_group:rwx
group:hive:rwx
group:some_group3:r-x
group:some_group4:rwx
mask::rwx
other::---
default:user::rwx
default:user:some_group1:r-x
default:group::---
default:group:some_group2:rwx
default:group:user_group:rwx
default:group:hive:rwx
default:group:some_group3:r-x
default:group:some_group4:rwx
default:mask::rwx
default:other::---
The problem was eventually solved by creating new directories that replaced the old ones. The new directories were created with the correct user and credentials.
For example, I created subdir1_new, moved the data there, renamed subdir1 to subdir1_old and renamed subdir1_new to subdir1. Not a lot of folders were affected by this issue so it didn't take a long time.
I know it's not the actual solution, but I couldn't figure out what exactly was happening and this workaround did the trick.
Bash-on-Ubuntu-on-Windows supports case-sensitive file paths. This means that I can create two files or directories with names only differing in capitalization. I have issues accessing those files, though.
Running
bash -c "touch Magic ; mkdir magic ; echo Secret! > magic/secret"
Creates a file names Magic, a directory named magic and a file names secret in that directory.
bash -c "ls -lR" yields
.:
total 0
drwxrwxrwx 2 root root 0 Aug 23 10:37 magic
-rwxrwxrwx 1 root root 0 Aug 23 10:37 Magic
./magic:
total 0
-rwxrwxrwx 1 root root 8 Aug 23 10:37 secret
(I am not sure why I get root, as it is not the default user, but that does not seem relevant to my question.)
Windows Explorer shows:
Now, while bash can easily access the magic/secret file in the directory, Windows seems to treat both the directory and the file as one and the same. So double-clicking the directory I get a "directory name invalid" error
Same goes for using cd, as I get The directory name is invalid. printed out.
Are there any APIs that allow me to access those case-sensitive paths, or create them? It seems that regular Windows APIs ignore character case completely when accessing existing files.
Case-sensitive paths can be used on Windows with NTFS, but it requires a bit of extra work.
First, case-sensitivity must be enabled system-wide. This is done by setting the HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\ dword:ObCaseInsensitive registry value to 0, then restarting the system.
I found this part here.
Once case-sensitivity is enabled, it is possible to use CreateFile to with case-sensitive paths. To do that, you have to pass the FILE_FLAG_POSIX_SEMANTICS as part of the dwFlagsAndAttributes parameter. From msdn:
Access will occur according to POSIX rules. This includes allowing multiple files with names, differing only in case, for file systems that support that naming.
I found this part in this answer.
By setting the registry setting and the CreateFile flag, I was able to access case-sensitive paths.