Sorry I miss the first two tasks...
Il giorno mercoledì 6 marzo 2019 00:15:40 UTC+1, fusillator ha scritto:
>
> I also made a new version of the workaround to restore the not validated
> files
>
> - name: copy configuration file
template:
mode: 0600
dest: "/etc/{{ item }}"
src: "{{ item }}.j2"
with_items: "{{ monitrc.files }}"
register: template_result
- name: monit validation
command: /usr/bin/monit -c /etc/monitrc -t
register: validate_result
ignore_errors: true
> - name: validates the monit configuration
> command: /usr/bin/monit -c /etc/monitrc -t
> register: validate_result
> ignore_errors: true
>
> - name: restores the old version of the configuration files in the validation
> fails
> command: /usr/bin/mv {{ item.backup_file }} {{ item.dest }}
> with_items: "{{
> template_result.results|selectattr('changed')|selectattr('backup_file',
> 'defined')|list }}"
> when: validate_result.rc > 0
>
> - name: removes the new files for the restore of the old version because of
> the validation failure
> file:
> path: "{{ item.dest }}"
> state: absent
> with_items: "{{
> template_result.results|selectattr('changed')|selectattr('backup_file',
> 'undefined')|list }}"
> when: validate_result.rc > 0
>
> - name: removes backup files
> file:
> path: "{{ item.backup_file }}"
> state: absent
> with_items: "{{
> template_result.results|selectattr('changed')|selectattr('backup_file',
> 'defined')|list }}"
>
> - name: exits if the monit validation fails
> fail:
> msg: monit validation failure
> when: validate_result.rc > 0
>
>
>
>
>
> Il giorno mercoledì 6 marzo 2019 00:08:52 UTC+1, fusillator ha scritto:
>>
>> Unfortunately this morning I was in a hurry, and I posted the latest test
>> with the useless sudo
>>
>> Anyway I tried again getting the same error:
>>
>> $ cat roles/monit_install/tasks/main.yml
>> - name: copy configuration file
>> template:
>> mode: 0600
>> dest: /etc/monitrc
>> src: monitrc.j2
>> validate: /usr/bin/monit -c %s -t
>> $ ansible-playbook monit_install.yml --become --ask-become-pass
>> SUDO password:
>>
>> PLAY [server2]
>> ****************************************************************************************************************************************************************************************************************************************************************
>>
>> TASK [Gathering Facts]
>> ********************************************************************************************************************************************************************************************************************************************************
>> ok: [server2]
>>
>> TASK [monit_install : copy configuration file]
>> ********************************************************************************************************************************************************************************************************************************
>> fatal: [server2]: FAILED! => {"changed": false, "checksum":
>> "435dbc73eaa2ccd4efd4c442e75e59e080088c02", "exit_status": 1, "msg":
>> "failed to validate", "stderr": "The control file
>> '/home/fusillator/.ansible/tmp/ansible-tmp-1551826763.1-47158502331153/source'
>>
>> must be owned by you.\n", "stderr_lines": ["The control file
>> '/home/fusillator/.ansible/tmp/ansible-tmp-1551826763.1-47158502331153/source'
>>
>> must be owned by you."], "stdout": "", "stdout_lines": []}
>> to retry, use: --limit
>> @/home/fusillator/Code/ansible/monit_install.retry
>>
>> PLAY RECAP
>> ********************************************************************************************************************************************************************************************************************************************************************
>> server2 : ok=1 changed=0 unreachable=0
>> failed=1
>>
>> whereas the validation of the same file succeded using the user root:
>>
>> $ ansible-playbook monit_install.yml -u root -k
>> SSH password:
>>
>> PLAY [server2]
>> ****************************************************************************************************************************************************************************************************************************************************************
>>
>> TASK [Gathering Facts]
>> ********************************************************************************************************************************************************************************************************************************************************
>> ok: [server2]
>>
>> TASK [monit_install : copy configuration file]
>> ********************************************************************************************************************************************************************************************************************************
>> changed: [server2]
>>
>> PLAY RECAP
>> ********************************************************************************************************************************************************************************************************************************************************************
>> server2 : ok=2 changed=1 unreachable=0
>> failed=0
>>
>> Should I open a bug?
>> Do I miss something?
>>
>> Thanks
>>
>> Luca
>>
>> Il giorno martedì 5 marzo 2019 22:40:23 UTC+1, Kai Stian Olstad ha
>> scritto:
>>>
>>> On 05.03.2019 11:47, fusillator wrote:
>>> > Hi all, I've a very simple role to copy and validate a monit
>>> configuration
>>> > file
>>> >
>>> > cat roles/monit_install/tasks/main.yml
>>> > - name: copy configuration file
>>> > template:
>>> > mode: 0600
>>> > dest: /etc/monitrc
>>> > src: monitrc.j2
>>> > validate: /usr/bin/sudo /usr/bin/monit -c %s -t
>>> >
>>>
>>> <snip />
>>>
>>> > but it fails when I try to launch it with sudo/become as follows:
>>> > (after having removed the file monitrc on server2)
>>> >
>>> > $ ansible-playbook monit_install.yml --become --ask-become-pass
>>> > SUDO password:
>>>
>>> Since you are running the whole playbook with become/sudo there is no
>>> need to have sudo in the validate.
>>>
>>> --
>>> Kai Stian Olstad
>>>
>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/c449d107-8d7c-4c46-afcb-59bb154fbd82%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
