I also made a new version of the workaround to restore the not validated
files
- name: validates the monit configuration
command: /usr/bin/monit -c /etc/monitrc -t
register: validate_result
ignore_errors: true
- name: restores the old version of the configuration files in the validation
fails
command: /usr/bin/mv {{ item.backup_file }} {{ item.dest }}
with_items: "{{
template_result.results|selectattr('changed')|selectattr('backup_file',
'defined')|list }}"
when: validate_result.rc > 0
- name: removes the new files for the restore of the old version because of the
validation failure
file:
path: "{{ item.dest }}"
state: absent
with_items: "{{
template_result.results|selectattr('changed')|selectattr('backup_file',
'undefined')|list }}"
when: validate_result.rc > 0
- name: removes backup files
file:
path: "{{ item.backup_file }}"
state: absent
with_items: "{{
template_result.results|selectattr('changed')|selectattr('backup_file',
'defined')|list }}"
- name: exits if the monit validation fails
fail:
msg: monit validation failure
when: validate_result.rc > 0
Il giorno mercoledì 6 marzo 2019 00:08:52 UTC+1, fusillator ha scritto:
>
> Unfortunately this morning I was in a hurry, and I posted the latest test
> with the useless sudo
>
> Anyway I tried again getting the same error:
>
> $ cat roles/monit_install/tasks/main.yml
> - name: copy configuration file
> template:
> mode: 0600
> dest: /etc/monitrc
> src: monitrc.j2
> validate: /usr/bin/monit -c %s -t
> $ ansible-playbook monit_install.yml --become --ask-become-pass
> SUDO password:
>
> PLAY [server2]
> ****************************************************************************************************************************************************************************************************************************************************************
>
> TASK [Gathering Facts]
> ********************************************************************************************************************************************************************************************************************************************************
> ok: [server2]
>
> TASK [monit_install : copy configuration file]
> ********************************************************************************************************************************************************************************************************************************
> fatal: [server2]: FAILED! => {"changed": false, "checksum":
> "435dbc73eaa2ccd4efd4c442e75e59e080088c02", "exit_status": 1, "msg":
> "failed to validate", "stderr": "The control file
> '/home/fusillator/.ansible/tmp/ansible-tmp-1551826763.1-47158502331153/source'
>
> must be owned by you.\n", "stderr_lines": ["The control file
> '/home/fusillator/.ansible/tmp/ansible-tmp-1551826763.1-47158502331153/source'
>
> must be owned by you."], "stdout": "", "stdout_lines": []}
> to retry, use: --limit
> @/home/fusillator/Code/ansible/monit_install.retry
>
> PLAY RECAP
> ********************************************************************************************************************************************************************************************************************************************************************
> server2 : ok=1 changed=0 unreachable=0
> failed=1
>
> whereas the validation of the same file succeded using the user root:
>
> $ ansible-playbook monit_install.yml -u root -k
> SSH password:
>
> PLAY [server2]
> ****************************************************************************************************************************************************************************************************************************************************************
>
> TASK [Gathering Facts]
> ********************************************************************************************************************************************************************************************************************************************************
> ok: [server2]
>
> TASK [monit_install : copy configuration file]
> ********************************************************************************************************************************************************************************************************************************
> changed: [server2]
>
> PLAY RECAP
> ********************************************************************************************************************************************************************************************************************************************************************
> server2 : ok=2 changed=1 unreachable=0
> failed=0
>
> Should I open a bug?
> Do I miss something?
>
> Thanks
>
> Luca
>
> Il giorno martedì 5 marzo 2019 22:40:23 UTC+1, Kai Stian Olstad ha scritto:
>>
>> On 05.03.2019 11:47, fusillator wrote:
>> > Hi all, I've a very simple role to copy and validate a monit
>> configuration
>> > file
>> >
>> > cat roles/monit_install/tasks/main.yml
>> > - name: copy configuration file
>> > template:
>> > mode: 0600
>> > dest: /etc/monitrc
>> > src: monitrc.j2
>> > validate: /usr/bin/sudo /usr/bin/monit -c %s -t
>> >
>>
>> <snip />
>>
>> > but it fails when I try to launch it with sudo/become as follows:
>> > (after having removed the file monitrc on server2)
>> >
>> > $ ansible-playbook monit_install.yml --become --ask-become-pass
>> > SUDO password:
>>
>> Since you are running the whole playbook with become/sudo there is no
>> need to have sudo in the validate.
>>
>> --
>> Kai Stian Olstad
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/4f66b1c8-8d05-4679-b5ea-3deb67b3cb42%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
