Ini_file deletes everything in the file that I did not specify

Get Help
1

I am simply trying to add a key=value to a specific section, however, ini_file seems to remove everything that was in the file originally and replace it with my key=value in [section]. I can’t imagine anyone would want that behavior. Is there something I’m doing wrong? I’ve tried it with exclusive=true and without exclusive and the result is the same.

Original Version of the file:

#This unit file replaces the traditional start-up script for systemd
#configurations, and is used when enabling boot-start for Splunk on
#systemd-based Linux distributions.

[Unit]
Description=Systemd service file for Splunk, generated by 'splunk enable boot-start'
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
Restart=always
ExecStart=/opt/splunkforwarder/bin/splunk _internal_launch_under_systemd
KillMode=mixed
KillSignal=SIGINT
TimeoutStopSec=360
LimitNOFILE=65536
LimitRTPRIO=99
SuccessExitStatus=51 52
RestartPreventExitStatus=51
RestartForceExitStatus=52
User=splunkfwd
Group=splunkfwd
NoNewPrivileges=yes
PermissionsStartOnly=true
AmbientCapabilities=CAP_DAC_READ_SEARCH
ExecStartPre=-/bin/bash -c "chown -R splunkfwd:splunkfwd /opt/splunkforwarder"

[Install]
WantedBy=multi-user.target

My tasks:

  - name: Ensure "AmbientCapibilities is in section "[Service]" in the SplunkForwarder service config
    community.general.ini_file:
      path: /etc/systemd/system/SplunkForwarder.service
      section: Service
      option: AmbientCapabilities
      value: "{{ splunk_forwarder_ambient_capabilities | default(['CAP_DAC_READ_SEARCH']) | list | flatten | unique | join(' ') }}"
      mode: '0644'
      backup: true
      no_extra_spaces: true
      exclusive: true
    become: true

  - name: Add ExecStartPre in the "[Service]" section to set permissions on streamfwd file
    community.general.ini_file:
      path: /etc/systemd/system/SplunkForwarder.service
      section: Service
      option: ExecStartPre
      value: '-/bin/bash -c "chmod 4711 {{ splunk_forwarder_home }}/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwd"'
      mode: '0644'
      backup: true
      no_extra_spaces: true
    become: true

The resulting output:


[Service]
AmbientCapabilities=CAP_DAC_READ_SEARCH CAP_NET_RAW CAP_NET_ADMIN
ExecStartPre=-/bin/bash -c "chmod 4711 /opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwd"
2

Instead of starting a new thread for the exact same problem you should update your old one.

1 Like
3

I guess I’m getting old. I don’t remember making an old one.

4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.