Ansible을 통한 보안 패치에 문제가 있습니다. 기계가 두 대 있어요
1) Ansible 마스터 서버(버전 2.8.4) RHEL8을 사용하는 서버에 보안 업데이트를 적용하고 싶습니다. 그러나 패치가 실패하고 다음 오류가 발생했습니다.
fatal: [lrhel8.exam.local]: FAILED! => {"changed": false, "failures": [], "msg": "Depsolve Error occured: \n Problem 1: cannot install both bind-license-32:9.11.4-26.P2.el8.noarch and bind-license-32:9.11.4-17.P2.el8_0.1.noarch\n - package bind-libs-32:9.11.4-17.P2.el8_0.1.x86_64 requires bind-license = 32:9.11.4-17.P2.el8_0.1, but none of the providers can be installed\n - cannot install the best update candidate for package bind-license-32:9.11.4-16.P2.el8.noarch\n - cannot install the best update candidate for package bind-libs-32:9.11.4-16.P2.el8.x86_64\n Problem 2: cannot install both gvfs-client-1.36.2-6.el8.x86_64 and gvfs-client-1.36.2-2.el8_0.1.x86_64\n - package gvfs-1.36.2-6.el8.x86_64 requires gvfs-client(x86-64) = 1.36.2-6.el8, but none of the providers can be installed\n - cannot install the best update candidate for package gvfs-client-1.36.2-1.el8.x86_64\n - cannot install the best update candidate for package gvfs-1.36.2-1.el8.x86_64\n Problem 3: cannot install both python3-libs-3.6.8-15.1.el8.x86_64 and python3-libs-3.6.8-2.el8_0.x86_64\n - package platform-python-3.6.8-2.el8_0.x86_64 requires python3-libs(x86-64) = 3.6.8-2.el8_0, but none of the providers can be installed\n - cannot install the best update candidate for package python3-libs-3.6.8-1.el8.x86_64\n - cannot install the best update candidate for package platform-python-3.6.8-1.el8.x86_64\n Problem 4: package systemd-container-239-18.el8.x86_64 requires systemd(x86-64) = 239-18.el8, but none of the providers can be installed\n - cannot install both systemd-239-18.el8.x86_64 and systemd-239-13.el8_0.3.x86_64\n - cannot install the best update candidate for package systemd-container-239-13.el8.x86_64\n - cannot install the best update candidate for package systemd-239-13.el8.x86_64\n Problem 5: package bind-libs-32:9.11.4-26.P2.el8.x86_64 requires bind-libs-lite(x86-64) = 32:9.11.4-26.P2.el8, but none of the providers can be installed\n - package bind-utils-32:9.11.4-26.P2.el8.x86_64 requires bind-libs(x86-64) = 32:9.11.4-26.P2.el8, but none of the providers can be installed\n - cannot install both bind-libs-lite-32:9.11.4-26.P2.el8.x86_64 and bind-libs-lite-32:9.11.4-17.P2.el8_0.1.x86_64\n - cannot install the best update candidate for package bind-utils-32:9.11.4-16.P2.el8.x86_64\n - cannot install the best update candidate for package bind-libs-lite-32:9.11.4-16.P2.el8.x86_64", "rc": 1, "results": []}
하지만 전체 서버( )를 업데이트하려고 하면 yum update
문제가 되지 않습니다.
2) RHEL8 서버
yum update --security
문제없이 통과되었습니다.
이 문제를 해결하는 데 도움을 줄 수 있는 사람이 있나요? 감사해요
역할(과제):
- name: Ensure all packages are updated
yum:
name: '*'
state: latest
conf_file: "{{ conf_file | default(omit) }}"
disable_gpg_check: "{{ disable_gpg_check }}"
disablerepo: "{{ disablerepo | default(omit, true) }}"
enablerepo: "{{ enablerepo | default(omit, true) }}"
exclude: "{{ exclude | default(omit, true) }}"
security: "{{ security_only }}"
update_cache: "{{ update_cache }}"
validate_certs: "{{ validate_certs }}"
skip_broken: "{{ skip_broken }}"
register: yum_result
역할(기본값):
disable_gpg_check: false
update_cache: false
validate_certs: true
var_free_space: 524288 # 512 MB = 512 * 1024 KB
security_only: true
skip_broken: true
...
스크립트:
- role: yum-update
when: ansible_os_family == "RedHat"
tags:
- yum-update