I am using AWX version 23.1.0 with a custom execution environment based on CentOS Stream 9, built with ansible-builder and Docker. Everything ran fine and I had the appropriate requirements in my EE container image, but I made a change to mount an NFS volume on the localhost, as I need access to the files on the NFS volume before hosts are created, so I cannot mount the volume on the hosts being automated.
I am using the file module to create the "/queues" directory, where I will then use the mount module to mount the NFS volume to that directory.
```yaml
---
- name: Create NFS Queue mount directory
  file:
    path: "{{ queue_mount_dir }}"
    state: "directory"
    mode: 0777
  delegate_to: localhost

- name: Mount Queues directory
  mount:
    fstype: "nfs"
    src: "{{ tools_nfs_host }}:{{ queue_share_name }}"
    path: "{{ queue_mount_dir }}"
    state: "ephemeral"
    opts: rw
  delegate_to: localhost
```
The first task of creating the directory is failing. The error is as follows:
fatal: [test-var-db -> localhost]: FAILED! => {"changed": false, "msg": "There was an issue creating /queues as requested: [Errno 13] Permission denied: b'/queues'", "path": "/queues"}
I have not tried this on the AWX Default EE as it does not fulfill my custom requirements; I need this to work on a custom EE. Is there something I need to do to my container image at build time to allow access to the file system outside of the default job execution path (/tmp), or should Ansible have access to the container filesystem regardless?
I have checked the UID of the user Ansible uses with a task calling whoami, and it comes up with a UID of 1000. I get that the user Ansible uses does not have access to root directories, but I don't see why it can't create new directories. I do not know what permissions the user Ansible uses in the container localhost, so I tried becoming root with su and it did not work.