Good day.
I want tp parse root’s history to return the last occurrence of yum update that includes the string “disablerepo”. I would have thought that this would work:
You can control the failure handling from the task using
'failed_when', for example:
failed_when: out is failed and not out.rc == 1
Thank you, Brian. Now, I want to print that output via debug, but am again running into “non-zero return code”.
when asking for help it is useful to show the full task and -vvv
output that includes the error (like your first post). It is hard to
debug from just a partial message out of context.
Apologies.
The playbook:
he, you'll need the same condition for debug (or use a block) since
debug the way you set it up returns `rc: 1` and fools it into thinking
there is an error.
You can also bypass the top level rc with msg={{ 'out: ' ~ out }}
Playbook:
I should have mentioned that this is the expected output, for example:
[dyioulos@myhost ~]$ history | grep -m 1 disablerepo
87 dnf install --disablerepo=somerepo https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
Your problem isn’t anything to do with Ansible. It’s a problem is an interaction between how history is implemented and privilege escalation via become.
To make your task work, you’ll need to change your shell script like this:
- name: Get last yum update which includes "disablerepo"
shell: |
HISTFILE=/root/.bash_history
history -n
history | tac | grep -m 1 disablerepo
register: out
Normally, HISTFILE isn’t set. The docs say it defaults to “~/.bash_history”, and it sort of does – for a broad enough definition of who “~” references. Anyway, in my testing, it’s necessary to explicitly set it as shown above.
Simply pointing HISTFILE at the right file isn’t enough. The shell normally reads in the HISTFILE early on, but we’re well past that by line 2 of the shell script. The “history -n” command reads “all history lines not already read from the history file and append[s] them to the history list”. The “history list” is not the same as the history file; it’s an in-memory construct that the shell manipulates until you close the shell. It’s then that the history list is written to the file. (Or when you invoke “history -a” or “history -w”.)
Now that you’ve got the history loaded, you can do your grep. The failure that was being reported before was the result of trying to construct the pipe between an uninitialized history list and your grep. A bare history command at that spot just does nothing, but as part of a pipeline it would fail.
However, you stated you want the last yum update which includes “disablerepo”. What you would have gotten - had it not been for the failure to build a pipeline with an uninitialized history - was the first command in the history which included “disablerepo”. Inserting tac in the pipeline reverses the order so your grep will match on the last occurrence.
Cheers,
Thank you, Todd! This works: