Unable to start munge - Error: Logfile is insecure: invalid ownership of "/var/log/munge"

Problem description

I am running my own Ansible role, which depends on munge. The munge Ansible role I am using here raises the following error:

Error: Logfile is insecure: invalid ownership of "/var/log/munge"

This is the output of the journalctl -xe command:

Mar 20 10:29:03 server systemd[1]: munge.service: control process exited, code=exited status=1
Mar 20 10:29:03 server systemd[1]: Failed to start MUNGE authentication service.
-- Subject: Unit munge.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit munge.service has failed.
-- 
-- The result is failed.
Mar 20 10:29:03 server systemd[1]: Unit munge.service entered failed state.
Mar 20 10:29:03 server systemd[1]: munge.service failed.
Mar 20 10:29:03 server polkitd[1478]: Unregistered Authentication Agent for unix-process:13743:81934 (system bus name :1.69, object path /org/freedesktop/PolicyKit1/Authentication
Mar 20 10:30:03 server sshd[12068]: Received disconnect from 127.0.0.1 port 56954:11: disconnected by user
Mar 20 10:30:03 server sshd[12068]: Disconnected from 127.0.0.1 port 56954
Mar 20 10:30:03 server sshd[12068]: pam_unix(sshd:session): session closed for user root
Mar 20 10:30:03 serverr systemd-logind[1481]: Removed session 7.

The permissions seem fine:

ls -lh /var/log/
...
drwx------. 2 munge   munge   4.0K Mar 20 10:23 munge
...

This is the unit file:

vi /usr/lib/systemd/system/munge.service
[Unit]
Description=MUNGE authentication service
Documentation=man:munged(8)
After=network.target
After=syslog.target
After=time-sync.target

[Service]
Type=forking
ExecStart=/usr/sbin/munged
PIDFile=/var/run/munge/munged.pid
User=munge
Group=munge
Restart=on-abort

[Install]
WantedBy=multi-user.target

What is wrong?

Tags: ansible, munge

Solution


IMO you have a directory munge inside /var/log/munge, which is not what you want.

ls -lh /var/log/munge
drwx------. 2 munge   munge   4.0K Mar 20 10:23 munge

ls -lh is recursive; what you probably want is ls -ld /var/log/munge, which is not recursive and lists only the directory itself.
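
An added example, not part of the original answer: shell helpers that inspect the directory itself (as ls -ld does) and every parent directory, and flag a nested entry with the same name. The function names and the ownership rule in owner_ok are assumptions for illustration, since the page does not state which checks munged applies; the sample tree is constructed.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes GNU or BusyBox stat (-c).

# Describe the path itself, as `ls -ld` does, never its contents.
describe() {
    stat -c '%u:%g %a %F %n' -- "$1"
}

# 0 if the path itself is owned by uid $2 or by root (0) and is not
# writable by group or other; 1 otherwise. Hypothetical rule: the exact
# checks munged performs are not stated on the page.
owner_ok() {
    uid=$(stat -c '%u' -- "$1") || return 2
    mode=$(stat -c '%a' -- "$1") || return 2
    [ "$uid" = "$2" ] || [ "$uid" = 0 ] || return 1
    [ $(( 0$mode & 022 )) -eq 0 ] || return 1
}

# 0 if the directory contains an entry carrying its own name, which is
# what the `ls -lh /var/log/munge` output quoted in the answer shows.
has_nested_same_name() {
    [ -e "$1/$(basename -- "$1")" ]
}

# Walk from the path up to /, describing every component on the way.
audit_path() {
    p=$1
    while :; do
        describe "$p" || return 1
        [ "$p" = / ] || [ "$p" = . ] && return 0
        p=$(dirname -- "$p")
    done
}

# Constructed sample tree mirroring the listing in the answer.
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/var/log/munge/munge"
    chmod 700 "$t/var/log/munge" "$t/var/log/munge/munge"
    audit_path "$t/var/log/munge"
    has_nested_same_name "$t/var/log/munge" && echo "nested entry: $t/var/log/munge/munge"
    owner_ok "$t/var/log/munge" "$(id -u)" && echo "owner and mode OK"
    rm -rf "$t"
}
demo
```

On the affected host, run audit_path /var/log/munge and owner_ok /var/log/munge "$(id -u munge)" to see the owner and mode of each component at once.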

