这是我所拥有的:
- name: Create directories that will be used as persistent volumes
become: yes
become_method: sudo
file:
path: /tmp/pv-{{ item }}
state: directory
mode: "g=rwx"
group: "root"
selevel: _default
seuser: _default
serole: _default
setype: svirt_sandbox_file_t
with_items:
- cassandra
- services
正确创建了两个目录,group a权限就ok了。但是 SE Linux 上下文是错误的。
$ ll -dZ /tmp/pv-cassandra
drwxrwxr-x. 2 jkremser root unconfined_u:object_r:user_tmp_t:s0 40 Mar 9 15:19 /tmp/pv-cassandra
这是调试输出的一部分:
ok: [localhost] => (item=cassandra) => {
"changed": false,
"diff": {
"after": {
"path": "/tmp/pv-cassandra"
},
"before": {
"path": "/tmp/pv-cassandra"
}
},
"gid": 0,
"group": "root",
"invocation": {
"module_args": {
"backup": null,
"content": null,
"delimiter": null,
"diff_peek": null,
"directory_mode": null,
"follow": false,
"force": false,
"group": "root",
"mode": "g=rwx",
"original_basename": null,
"owner": null,
"path": "/tmp/pv-cassandra",
"recurse": false,
"regexp": null,
"remote_src": null,
"selevel": "_default",
"serole": "_default",
"setype": "svirt_sandbox_file_t",
"seuser": "_default",
"src": null,
"state": "directory",
"unsafe_writes": null,
"validate": null
},
"module_name": "file"
},
"item": "cassandra",
"mode": "0775",
"owner": "root",
"path": "/tmp/pv-cassandra",
"size": 80,
"state": "directory",
"uid": 0
}
我究竟做错了什么?我的操作系统是 Fedora 25。