Import EPEL GPG key: cannot open Packages index using db5

[dmccue]

TASK [geerlingguy.repo-epel : Import EPEL GPG key.] **** Thursday 04 February 2021 12:04:54 +0000 (0:00:00.556) 0:02:09.191 * FAILED - RETRYING: Import EPEL GPG key. (5 retries left). FAILED - RETRYING: Import EPEL GPG key. (4 retries left). FAILED - RETRYING: Import EPEL GPG key. (3 retries left). FAILED - RETRYING: Import EPEL GPG key. (2 retries left). FAILED - RETRYING: Import EPEL GPG key. (1 retries left). fatal: [i-0301e3f7*****]: FAILED! => {"attempts": 5, "changed": false, "msg": "error: cannot open Packages index using db5 - Permission denied (13)\nerror: cannot open Packages database in /var/lib/rpm\nerror: /tmp/tmpNqccQQ: key 1 import failed.\n"}

It's version 3.0.0 of geerlingguy.repo-epel

Tested the epel_repo_gpg_key_url variable which shows: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7"

Tested it's valid too: curl https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 | wc -l 29

cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.9 (Maipo)

https://github.com/geerlingguy/ansible-role-repo-epel/blob/c03007d5dadbb34e36dfd3459f55880a220605d2/tasks/main.yml#L7

[dmccue]

Ah ok I didn't see this, assumed the roles elevated using become themselves, i've tested with become: true and it now works: https://github.com/geerlingguy/ansible-role-docker/issues/87#issuecomment-418431607

"become: yes" needs to be in flashing red in the Readme.md as it's often easy to overlook

Thanks

[dmccue]

If anyone else is reading this is how I had to use the role:

- name: enable epel on RHEL systems
  include_role:
    name: geerlingguy.repo-epel
    apply:
      become: true
  when: ansible_os_family == "RedHat"