Using "shell" with a switch

Kai_Stian_Olstad · December 4, 2018, 9:32pm

Can you stop hijacking thread that has nothing to do with your problem.

Kai_Stian_Olstad · December 4, 2018, 9:44pm

rndc is usually located in /usr/sbin so you can't use which to determine if it's installed since /usr/sbin in some distribution is only in root's path.

The problem in this long thread you have not showed the complete command you are running, neither with Ansible or manually on the command line with the result.

With ansible-playbook it's preferably to have that with -vvvv and to make the output easier to read the debug callback plugin.
Then the command will be
ANSIBLE_STDOUT_CALLBACK=debug ansible-playbook .........
Because of the missing output these thread have a tendency to be longer than they could have been.

su usually require a root password so do you use -K/--ask-become-pass on the command line.

dyioulos · December 4, 2018, 9:52pm

Piotr,

Well, not quite. It’s true that Bind isn’t installed on the host in which the script is installed and runs. If I run the script from there, after su’ing to root, it works fine. But, why doesn’t the script execute from Ansible as written - running rndc on the dns servers that are identified in the script?

Dimitri

powcarz · December 4, 2018, 10:14pm

Piotr

Karl_Auer · December 4, 2018, 10:26pm

Hullo Piotr.

No, it’s just that people very often do not post their entire playbook or the complete output from their runs. This it often misleads responders, who go down various dead ends before finally requesting that the OP post everything, then at last the problem gets resolved. In a long thread, this often happens more than once, as different people take and interest and get involved.

There’s no problem with long threads, I think Kai was just making the point that with too little info from the OP, resolutions can take longer… When some one provides only edited versions of their playbook or its output, they are making assumptions about the location and cause of the problem that may be unwarranted. It’s very understandable - Ansible output is quite verbose - but still mostly a bad idea.

Like you, I will often “have a go” at a question that is within my grasp, but if a question is not one I can answer I stay silent.

Regards, K.

powcarz · December 4, 2018, 10:54pm

Karl,
Yeah, I have already noticed that some people act like they learned internet forums yesterday. I feel totally noob now, but what do you do if the question is within within your grasp, but you lack a little information?

Piotr

dyioulos · December 5, 2018, 3:02pm

My sincere apologies for creating such a long thread - never my intention. I’ve received a lot of great help from this list, and don’t want to jeopardize that. As I mentioned earlier, I’m not always quick on the uptake. Thank you for sticking with me. And, all of your effort have paid off, as I’ve come to the solution! This is what my playbook looks like now:

hosts: all
gather_facts: false
become: yes
become_method: su
become_flags: ‘-’
vars:
ansible_become_pass: “rootpass”
tasks:

shell: /scripts/dnscopy.pl -f
register: script_output

debug:
var: script_output.stdout_lines

It returns the same output as if I ran the script on the remote host:

TASK [command] ****************************************************************
task path: /etc/ansible/playbooks/rundeck/dnscopy.yml:13
Using module file /usr/lib/python2.7/site-packages/ansible/modules/commands/command.py
ESTABLISH SSH CONNECTION FOR USER: a-scripting
SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b admin1 ‘/bin/sh -c ‘"’“‘echo ~ && sleep 0’”’“‘’
(0, ‘/home/a-scripting\n’, ‘’)
ESTABLISH SSH CONNECTION FOR USER: a-scripting
SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b admin1 '/bin/sh -c '”‘"’( umask 77 && mkdir -p “echo /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073” && echo ansible-tmp-1544020870.43-70326662458073=“echo /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073” ) && sleep 0’“'”‘’
(0, ‘ansible-tmp-1544020870.43-70326662458073=/home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073\n’, ‘’)
PUT /tmp/tmpKrQPZW TO /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/command.py
SSH: EXEC sshpass -d12 sftp -o BatchMode=no -b - -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b ‘[admin1]’
(0, ‘sftp> put /tmp/tmpKrQPZW /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/command.py\n’, ‘’)
ESTABLISH SSH CONNECTION FOR USER: a-scripting
SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b admin1 ‘/bin/sh -c ‘"’“‘chmod u+x /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/ /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/command.py && sleep 0’”’“‘’
(0, ‘’, ‘’)
ESTABLISH SSH CONNECTION FOR USER: a-scripting
SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b -tt admin1 '/bin/sh -c '”‘“'su - root -c '”’“'”‘"’“'”‘"’“'/bin/sh -c '”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘“‘echo BECOME-SUCCESS-ekoalvjsxgctatfhsngmjohojiatrsbx; /usr/bin/python /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/command.py; rm -rf “/home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/” > /dev/null 2>&1’”’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“'”‘"’“‘’”‘"’“'”‘"’“'”‘"’ && sleep 0’“'”‘’
(0, ‘\r\n\r\n{“changed”: true, “end”: “2018-12-05 09:41:14.641125”, “stdout”: “server reload successful\nserver reload successful\nserver reload successful\nserver reload successful”, “cmd”: “/scripts/dnscopy.pl -f”, “rc”: 0, “start”: “2018-12-05 09:41:10.058261”, “stderr”: “”, “delta”: “0:00:04.582864”, “invocation”: {“module_args”: {“warn”: true, “executable”: null, “_uses_shell”: true, “_raw_params”: “/scripts/dnscopy.pl -f”, “removes”: null, “creates”: null, “chdir”: null}}, “warnings”: }\r\n’, ‘Shared connection to admin1 closed.\r\n’)
changed: [admin1] => {
“changed”: true,
“cmd”: “/scripts/dnscopy.pl -f”,
“delta”: “0:00:04.582864”,
“end”: “2018-12-05 09:41:14.641125”,
“invocation”: {
“module_args”: {
“_raw_params”: “/scripts/dnscopy.pl -f”,
“_uses_shell”: true,
“chdir”: null,
“creates”: null,
“executable”: null,
“removes”: null,
“warn”: true
}
},
“rc”: 0,
“start”: “2018-12-05 09:41:10.058261”
}
STDOUT:
server reload successful
server reload successful
server reload successful
server reload successful

TASK [debug] ****************************************************************
task path: /etc/ansible/playbooks/rundeck/dnscopy.yml:15
ok: [admin1] => {
“script_output.stdout_lines”: [
“server reload successful”,
“server reload successful”,
“server reload successful”,
“server reload successful”
]
}

I’m very grateful to Piotr and Kai for their kind and expert assistance!!! Thank you so much.

Kai_Stian_Olstad · December 5, 2018, 3:32pm

Kai,

What are you trying to say?

I could just say, what Karl said because that was well written, but I add some answers since your post is addressed to me.

Are there limits to thread lenght in this group?

There is no limit, and my answer was not meant as any criticism of you since my relay was to the OP.
For what it's worth, I think you have done a great job in the thread.

I recenty posted a question in another thread and noticed, that this mail
group is seriously lacking involvment, which I totally get - people asking
trivial questions don't deserve expert's answers, I totally get it. More
experienced people have better things to do than answering dumb questions,
and here I am, with an intermediate experience in Ansible.

Your first post was in a relative old thread, you should have created your own.
Old thread might not get all that attention and when people see that it is a reply to a thread the think it's an answer and not actually a question as it was in your first post to the list.

I did read the post but did not understand the problem since you had not provided enough information.
In fear of being caught in a long thread(waste of time) like you did here, because OP did not give enough information I just click on the next unread message to see if it was a lot easier to help that person instead.

I thought, since
Ansible is helping me, why don't I help Ansible in answering trivial
questions?

As I already have mention, my post was addressed to OP not you.
That you are willing to help is a huge plus.

I am spending this week at a hotel, days are short, not much to
do, why don't I educate myself and help the others? Let me know if I am
doing anything wrong and I will stop it.

You did nothing wrong at all, I truly hope you keep contribute to the list.

Kai_Stian_Olstad · December 5, 2018, 3:40pm

I do recommend you ask.

I did that in the beginning, but now I have mostly stopped doing that since it do take up a lot of time.

Kai_Stian_Olstad · December 5, 2018, 3:56pm

My sincere apologies for creating such a long thread - never my intention.
I've received a lot of great help from this list, and don't want to
jeopardize that.

No worry, you haven't.
My mail was about you to provide more information, I could have left out the "long thread" in my reply, but I didn't since you/we where back to the stating point.

As I mentioned earlier, I'm not always quick on the
uptake. Thank you for sticking with me. And, all of your effort have paid
off, as I've come to the solution! This is what my playbook looks like now:

---
> - hosts: all
> gather_facts: false
> become: yes
> become_method: su
> become_flags: '-'
> vars:
> ansible_become_pass: "rootpass"
> tasks:
> - shell: /scripts/dnscopy.pl -f
> register: script_output
> - debug:
> var: script_output.stdout_lines

So it was just about missing password.
(The fun thing is that if you had provided complete output, as you did in this post, in your first post I guessing you had gotten an answer the same day.
But no harm done, since you have a working solution.)

It returns the same output as if I ran the script on the remote host:

TASK [command]
> ****************************************************************
> task path: /etc/ansible/playbooks/rundeck/dnscopy.yml:13
> Using module file
> /usr/lib/python2.7/site-packages/ansible/modules/commands/command.py
> <admin1> ESTABLISH SSH CONNECTION FOR USER: a-scripting
> <admin1> SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o
> ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b admin1
> '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
> <admin1> (0, '/home/a-scripting\n', '')
> <admin1> ESTABLISH SSH CONNECTION FOR USER: a-scripting
> <admin1> SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o
> ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b admin1
> '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo
> /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073 `"
> && echo ansible-tmp-1544020870.43-70326662458073="` echo
> /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073 `"
> ) && sleep 0'"'"''
> <admin1> (0,
> 'ansible-tmp-1544020870.43-70326662458073=/home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073\n',
> '')
> <admin1> PUT /tmp/tmpKrQPZW TO
> /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/command.py
> <admin1> SSH: EXEC sshpass -d12 sftp -o BatchMode=no -b - -C -o
> ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o
> User=a-scripting -o ConnectTimeout=300 -o
> ControlPath=/root/.ansible/cp/00d0d0be4b '[admin1]'
> <admin1> (0, 'sftp> put /tmp/tmpKrQPZW
> /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/command.py\n',
> '')
> <admin1> ESTABLISH SSH CONNECTION FOR USER: a-scripting
> <admin1> SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o
> ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b admin1
> '/bin/sh -c '"'"'chmod u+x
> /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/
> /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/command.py
> && sleep 0'"'"''
> <admin1> (0, '', '')
> <admin1> ESTABLISH SSH CONNECTION FOR USER: a-scripting
> <admin1> SSH: EXEC sshpass -d12 ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o User=a-scripting -o
> ConnectTimeout=300 -o ControlPath=/root/.ansible/cp/00d0d0be4b -tt admin1
> '/bin/sh -c '"'"'su - root -c '"'"'"'"'"'"'"'"'/bin/sh -c
> '"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'echo
> BECOME-SUCCESS-ekoalvjsxgctatfhsngmjohojiatrsbx; /usr/bin/python
> /home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/command.py;
> rm -rf
> "/home/a-scripting/.ansible/tmp/ansible-tmp-1544020870.43-70326662458073/"
> > /dev/null
> 2>&1'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"'
> && sleep 0'"'"''
> <admin1> (0, '\r\n\r\n{"changed": true, "end": "2018-12-05
> 09:41:14.641125", "stdout": "server reload successful\\nserver reload
> successful\\nserver reload successful\\nserver reload successful", "cmd":
> "/scripts/dnscopy.pl -f", "rc": 0, "start": "2018-12-05 09:41:10.058261",
> "stderr": "", "delta": "0:00:04.582864", "invocation": {"module_args":
> {"warn": true, "executable": null, "_uses_shell": true, "_raw_params":
> "/scripts/dnscopy.pl -f", "removes": null, "creates": null, "chdir":
> null}}, "warnings": }\r\n', 'Shared connection to admin1 closed.\r\n')
> changed: [admin1] => {
> "changed": true,
> "cmd": "/scripts/dnscopy.pl -f",
> "delta": "0:00:04.582864",
> "end": "2018-12-05 09:41:14.641125",
> "invocation": {
> "module_args": {
> "_raw_params": "/scripts/dnscopy.pl -f",
> "_uses_shell": true,
> "chdir": null,
> "creates": null,
> "executable": null,
> "removes": null,
> "warn": true
> }
> },
> "rc": 0,
> "start": "2018-12-05 09:41:10.058261"
> }
> STDOUT:
>
>
>
> *server reload successfulserver reload successfulserver reload
> successfulserver reload successful*
>
> TASK [debug]
> ****************************************************************
> task path: /etc/ansible/playbooks/rundeck/dnscopy.yml:15
> ok: [admin1] => {
> "script_output.stdout_lines": [
>
>
>
> * "server reload successful", "server reload successful",
> "server reload successful", "server reload successful"*
> ]
> }

This output is a huge help for us to help you when you have problem.
Keep that in mind next time you have a problem you need help with.

-vvvv is not need all the time, but are you unsure it's better to include it that not.

Topic		Replies	Views
Running a script as root user. Ansible Project	1	2	October 24, 2019
Ansible execute remote shell script with source to other files Ansible Project	3	2	February 10, 2022
Unable to execute shell script Ansible Project	14	37	August 21, 2024
become module executable shell problem Ansible Project	1	9	November 14, 2016
shell module with become_user does not function correctly Ansible Project	4	3	September 28, 2023

Using "shell" with a switch

Related topics