I have playbook that installs shell scripts into /etc/profile.d/app.sh which appends my application start and stop scripts to $PATH, These 2 below steps runs as root user
- name: add binaries to PATH
copy:
args:
src: app.sh
dest: /etc/profile.d/
owner: root
group: root
mode: 0644
Then I am sourcing /etc/profile to reflect the changes
- name: reload profile
shell: source /etc/profile
After this I need to switch to my application user "appuser" to start the process
- name: start the application
shell: startMyapp application
become: yes
become_user: appuser
But I get error startMyapp: command not found, looks like when I use become_user /etc/profile is not getting executed to get the updated $PATH.
How can I make changes in my playbook that source /etc/profile when I use become_user?
Related
I am new to awx i use pre-exsisting playbook when i run it from ubuntu 20 terminal it works fine but i want to run it through awx when i run it from awx i get this error.
Failed to change ownership of the temporary files Ansible needs to create despite connecting as a privileged user. Unprivileged become user would be unable to read the file`
I install nextcloud from blog and i use these two commands at the end.
chown -R www-data:www-data /var/www/html/nextcloud
chmod -R 775 /var/www/html/nextcloud
the task where it throw error is this:
---
# tasks file for upgrade-nextcloud
- name: "[NC-Upgrade] - Get current version."
become_user: "{{ nextcloud_websrv_user }}"
command: php occ status --output=json
args:
chdir: "{{ nextcloud_webroot }}"
register: nc_current_version
changed_when: false
where become_user: "{{ nextcloud_websrv_user }}" is www-data. When i run it become_user: root then it say /var/www/html/nextcloud directory not found.
Do i need to mount the directory /var/www/html/nextcloud in awx_web container if i run it as a root.
The issue is fix the only problem is
connection:local
in main.yml so just need to remove it and i run it on a remote machine and also didn't provide the ssh credentials.
I login to server (CentOs 7) as my user and execute double sudo to become root. No password is required at such times.
Command: sudo sudo su
I need to install applications on such server as root user using Ansible (2.7)
Unfortunately, when i try following it gives: ""msg": "Timeout (12s) waiting for privilege escalation prompt: ""
---
- name: Copy file
become: true
become_method: su
hosts: all
tasks:
- name: Copy file
copy:
src: abc.txt
dest: /tmp/
I have tried other versions like changing become_method to sudo, etc. But they don't work. Any suggestion will help?
Im trying to run a shell script on the host machine after copying it over there using ansible. The script has 777 permissions.
Please read the below question as it gives the full scope of the actual issue that we are trying to deal with
Set different ORACLE_HOME and PATH environment variable using Ansible
- name: Run the Script [List]
shell: "/tmp/sqlscript/sql_select.sh {{item}} >> /tmp/sqlscript/output.out"
become: yes
become_method: sudo
become_user: oracle
register: orh
with_items: "{{ factor_dbs.split('\n') }}"
Below is the shell script
#!/bin/bash
source $HOME/bin/gsd_xenv $1 &> /dev/null
sqlplus -s <<EOF
/ as sysdba
set heading off
select d.name||','||i.instance_name||','||i.host_name||';' from v\$database d,v\$instance i;
EOF
Despite escalating the privileges, I observed that the task is not executing unless I add environment variables like below
- name: Run the script [List]
shell: "/tmp/sqlscript/oracle_home.sh {{item}} >> /tmp/sqlscript/orahome.out"
become: yes
become_method: sudo
become_user: oracle
environment:
PATH: "/home/oracle/bin:/usr/orasys/12.1.0.2r10/bin:/usr/bin:/bin:/usr/ucb:/sbin:/usr/sbin:/etc:/usr/local/bin:/oradata/epdmat/goldengate/config/sys"
ORACLE_HOME: "/usr/orasys/12.1.0.2r10"
register: orh
with_items: "{{ factor_dbs.split('\n') }}"
However this playbook needs to be run across different hosts which have different path and oracle_home variables.
My question is, why doest the task run despite escalating the permissions. When I try to run the same script manually by logging into the server and after doing "sudo su oracle", it seems to be running fine.
It depends on where you actually set your environment variables. There is a difference in executing a script when you are logged in at a remote machine, and running a script over ssh as Ansible does (see e.g., Differentiate Interactive login and non-interactive non-login shell). Depending on the type of shell and your system, different bash profiles are loaded.
I want to perform some actions, that do not require using the Administrator account. For example, cloning a git repo or creating a folder.
I tried this:
- name: Create gogo1 directory
win_shell: mkdir c:\tmp\gogo1
become: yes
become_user: vagrant
vars:
ansible_become_pass: vagrant
This creates the desired directoy, but when I am logged in as user vagrant and try to remove it I get:
You'll need to provide administrator permission to delete this folder.
The user Vagrant is not given any permissions to the folder gogo1.
I need to do this in addition:
- name: Change owner of gogo1
win_owner:
path: c:\tmp\gogo1
user: vagrant
recurse: yes
Using win_psexec works as intended. It creates the directory, gives user vagrant the permissions, and thus I can delete it without being prompted with the above message.
- name: Create gogo2 directory
win_psexec:
command: cmd /k "cd c:\tmp && mkdir gogo && exit"
username: vagrant
password: vagrant
How can I use become and become_user to create a folder (or do clone a git repo) and giving the user all necessary permissions and ownership (like win_psexec does?
For become to work as you want you need it to login interactively so the profile for the user is loaded when the folder is created.
To do this you can try to set the login_flags (Ansible 2.5+) on become like so:
- name: Create gogo1 directory
win_shell: mkdir c:\tmp\gogo1
become: yes
become_user: vagrant
become_flags: logon_type=interactive logon_flags=with_profile
vars:
ansible_become_pass: vagrant
You can read all the specifics on become_flags here: http://docs.ansible.com/ansible/latest/user_guide/become.html
Unable to run bashrc file using ansible.
- name: Source Bashrc
action: shell source /local/apps/actional/.bash_profile
is not working.
source is a build-in, not command.
Try this:
---
- hosts: target-server
gather_facts: no
tasks:
- copy:
content: export MYVAR=123
dest: /tmp/source_test
- shell: /bin/bash -c 'source /tmp/source_test; echo $MYVAR'
Keep in mind that you can use sourced environment only within one Ansible task – each task is executed in new shell.