Actions
Bug #617
closed
dc-monitoring Ansible role: Group trusted-proc does not exist
Start date:
2018-04-23
Due date:
% Done:
100%
Estimated time:
Patch Available:
Confirmed:
No
Branch:
Entity:
DuckCorp
Security:
Help Needed:
Description
trusted-proc group is required but group creation isn't handled by Ansible:
ansible-playbook -l Toushirou -i hosts.yml -v --start-at-task "install security tools" playbooks/common.yml
[...]
TASK [dc-monitoring : Give Rights on /proc to Zabbix User] ***************************************************************************************************
fatal: [Toushirou]: FAILED! => {"changed": false, "msg": "Group trusted-proc does not exist"}
```
Updated by Marc Dequènes about 6 years ago
True, good catch.
It is more of a global parameter from a DC perspective. Thus I would suggest adding the rules in the `dc-base` role and making it an optional parameter of the `dc-monitoring` role (to make the role more generic and reusable in other places).
Updated by Marc Dequènes about 6 years ago
- Status changed from New to In Progress
- Assignee set to Marc Dequènes
Updated by Marc Dequènes about 6 years ago
- Status changed from In Progress to Resolved
- % Done changed from 0 to 100
The group is now created. The fstab entry is updated (now using the group name for more readability).
As suggested the special group is passed as role argument.
Actions