Issue with script not working on Windows/Cygwin

Archives Ansible Project
1

Hi, all.
I have an issue with a certain script (permissions) whilst using ansible.
First of all, I have one script that does work:

#!/bin/bash

set -xe

chmod 660 /etc/rsyncd.secrets
mkpasswd > /etc/passwd
sed -i ‘s/^YRunner/yrunner/’ /etc/passwd

I run it with this command set in the playbook:

- name: Run chmod script
win_command: ‘cmd.exe /c “start C:\cygwin\bin\bash.exe /cygdrive/c/TEMP/chmod1.sh”’
become: yes
become_method: runas
become_user: SYSTEM

And the expected result is achieved:

$ stat /etc/rsyncd.secrets
File: /etc/rsyncd.secrets
Size: 17 Blocks: 1 IO Block: 65536 regular file
Device: d22da4adh/3526206637d Inode: 9288674231979766 Links: 1
Access: (0660/-rw-rw----) Uid: ( 544/Administrators) Gid: (197121/ None)
Access: 2018-03-13 08:26:32.696649400 -0700
Modify: 2018-03-13 08:26:31.182425000 -0700
Change: 2018-03-13 13:14:37.662372900 -0700
Birth: 2018-03-13 08:26:32.696649400 -0700

However, when I run THIS script:

#!/bin/bash

set -xe

chmod 700 -R ~/.ssh
chmod 700 -R /home/YRunner
chown yrunner -R /home/YRunner
chmod 600 -R ~/.ssh/authorized_keys

With this command set in the playbook:

- name: Run chmod script 2
win_command: ‘cmd.exe /c “start C:\cygwin\bin\bash.exe /cygdrive/c/TEMP/chmod2.sh”’
become: yes
become_method: runas
become_user: SYSTEM

I do NOT get the expected result:

$ stat ~/.ssh
File: /home/YRunner/.ssh
Size: 0 Blocks: 0 IO Block: 65536 directory
Device: d22da4adh/3526206637d Inode: 8162774325137173 Links: 1
Access: (0777/drwxrwxrwx) Uid: (197609/ YRunner) Gid: (197121/ None)
Access: 2018-03-13 08:32:35.164358900 -0700
Modify: 2018-03-13 08:32:35.164358900 -0700
Change: 2018-03-13 13:24:24.376928300 -0700
Birth: 2018-03-13 08:27:52.540239800 -0700

But, when I run this script as admin from cygwin, it works.

$ ./chmod2.sh
+ chmod 700 -R /home/YRunner/.ssh
+ chmod 700 -R /home/YRunner
+ chown yrunner -R /home/YRunner
+ chmod 600 -R /home/YRunner/.ssh/authorized_keys

YRunner@YRUNNERW-01 /cygdrive/c/TEMP
$ stat ~/.ssh
File: /home/YRunner/.ssh
Size: 0 Blocks: 0 IO Block: 65536 directory
Device: d22da4adh/3526206637d Inode: 8162774325137173 Links: 1
Access: (0700/drwx------) Uid: (197609/ YRunner) Gid: (197121/ None)
Access: 2018-03-13 08:32:35.164358900 -0700
Modify: 2018-03-13 08:32:35.164358900 -0700
Change: 2018-03-13 13:25:32.829368400 -0700
Birth: 2018-03-13 08:27:52.540239800 -0700

The difference I see is that the Uid on the working script is Administrator, while the non-working script Uid is YRunner (my user).

What am I doing wrong? Can I adjust my script in any way to make these mods happen?

2

I can’t say why it isn’t working as most of the time I avoid Cygwin due to issues like these. One thing you should look into is changing your win_command tasks from

`

  • win_command: cmd.exe /c “start something.exe”
    `

to just

`

  • win_command: something.exe
    `

For example your 2nd task would look like

`

  • name: Run chmod script 2
    win_command: C:\cygwin\bin\bash.exe /cygdrive/c/TEMP/chmod2.sh
    `

What you are effectively doing in your examples, is starting a new cmd process (cmd.exe) and then getting that to start another executable (C:\cygwin\bin\bash.exe), there is no point in this as win_command is designed to run executables and all you are doing is adding another layer that could be causing trouble.

As for the issue itself, I would think it could be that you are running it as the SYSTEM account and from a cygwin user permissions perspective it is unable to access the home directory for YRunner. While SYSTEM pretty much has full rights in Windows, I’m unsure how that translates to Cygwin and to me seems to be the reason why it may be failing.

Thanks

Jordan

3

Hi Jordan, Thanks for your help.
I tried running the commands the way you said, but they do not work for me without the cmd.exe /c start portions.
Anyway, I got this to work. The way I did it was make a win_acl play, give the C:\cygwin folder full control to everyone, and then run the scripts I posted.
It works great!
Just wanted to post that so someone else might learn from my mistakes.

Peace: Larry

4

Weird, maybe cygwin’s bash.exe relies on being part of the cmd shell to work (another reason why cygwin is quite painful). Glad you got it working though.

Thanks

Jordan

5

Cygwin is a real PITA in relation to windows permissions. I hate it. But, it’s doable.