[ansible-project] how can I use ansible openssl_certificate module to gather facts about installed ssl certificates on application servers?
Dear ansible friends here: I got a request to collect the facts like expiration date, issuer for each ssl certificates on linux servers. I plan to use openssl_certificate module and use the return values to pop out the records into csv file. But the example doesn't list how to gather all the facts, can anyone here help me with this ? if this module is not the best module, which one is good for me. I got a Bach script to do it,but could like to use ansiable to run on multiple servers. thanks. jason -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0f506139-ec96-462c-a9f9-34bc75236182%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] how could I use python 3 for ansible command
I have two versions of python installed. If I don't run the scl command, I will use python 2.7, but when I use scl command, it swith to use python 3. What is the difference between these two methods? When I try to see which verion of python ansible uses, it says version 2.7. how could I make anislbe use version 3. [root@g0dvlnxjyu01 ~]# python -V Python 2.7.5 [root@g0dvlnxjyu01 ~]# scl enable rh-python36 bash [root@g0dvlnxjyu01 ~]# python -V Python 3.6.3 [root@g0dvlnxjyu01 ~]# ansible --version | grep "python version" python version = 2.7.5 (default, Sep 12 2018, 05:31:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)] [root@g0dvlnxjyu01 ~]# which version /usr/bin/which: no version in (/opt/rh/rh-python36/root/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/opt/omi/bin:/root/.local/bin:/root/Repo/DevOps/AWS/terra-test:/root) [root@g0dvlnxjyu01 ~]# which python /opt/rh/rh-python36/root/usr/bin/python [root@g0dvlnxjyu01 ~]# -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/b19c712e-c292-490b-a26a-77f0d9ee505f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Re: why i cannot remove this file /etc/yum.repos.d/redhat-rhui,repo even with the root permission.
*I got it reoslved by using a different user. running packer under root
will not escalate the privilege to root. not sure if it's a bug
or something. *
On Fri, Feb 22, 2019 at 3:37 PM Jason Yu wrote:
> Here is the output with --vvv option:
>
>
>amazon-ebs: TASK [Remove AWS RHUI repos]
> ***
> amazon-ebs: failed: [default] (item=/etc/yum.repos.d/redhat-rhui.repo)
> => {"changed": false, "gid": 0, "group": "root", "item":
> "/etc/yum.repos.d/redhat-rhui.repo", "mode": "0644", "msg": "unlinking
> failed: [Errno 13] Permission denied: '/etc/yum.repos.d/redhat-rhui.repo'
> ", "owner": "root", "path": "/etc/yum.repos.d/redhat-rhui.repo",
> "secontext": "system_u:object_r:system_conf_t:s0", "size": 8679, "state":
> "file", "uid": 0}
> amazon-ebs: failed: [default]
> (item=/etc/yum.repos.d/rhui-load-balancers.conf) => {"changed": false,
> "gid": 0, "group": "root", "item":
> "/etc/yum.repos.d/rhui-load-balancers.conf", "mode": "0644", "msg":
> "unlinking failed: [Errno 13] Permission denied:
> '/etc/yum.repos.d/rhui-load-balancers.conf' ", "owner": "root", "path":
> "/etc/yum.repos.d/rhui-load-balancers.conf", "secontext":
> "system_u:object_r:system_conf_t:s0", "size": 80, "state": "file", "uid": 0}
> amazon-ebs: failed: [default]
> (item=/etc/yum.repos.d/redhat-rhui-client-config.repo) => {"changed":
> false, "gid": 0, "group": "root", "item":
> "/etc/yum.repos.d/redhat-rhui-client-config.repo", "mode": "0644", "msg":
> "unlinking failed: [Errno 13] Permission denied:
> '/etc/yum.repos.d/redhat-rhui-client-config.repo' ", "owner": "root",
> "path": "/etc/yum.repos.d/redhat-rhui-client-config.repo", "secontext":
> "system_u:object_r:system_conf_t:s0", "size": 607, "state": "file", "uid":
> 0}
> amazon-ebs: failed: [default]
> (item=/etc/yum/pluginconf.d/amazon-id.conf) => {"changed": false, "gid": 0,
> "group": "root", "item": "/etc/yum/pluginconf.d/amazon-id.conf", "mode":
> "0644", "msg": "unlinking failed: [Errno 13] Permission denied:
> '/etc/yum/pluginconf.d/amazon-id.conf' ", "owner": "root", "path":
> "/etc/yum/pluginconf.d/amazon-id.conf", "secontext":
> "system_u:object_r:etc_t:s0", "size": 17, "state": "file", "uid": 0}
> amazon-ebs: failed: [default]
> (item=/etc/yum/pluginconf.d/rhui-lb.conf) => {"changed": false, "gid": 0,
> "group": "root", "item": "/etc/yum/pluginconf.d/rhui-lb.conf", "mode":
> "0644", "msg": "unlinking failed: [Errno 13] Permission denied:
> '/etc/yum/pluginconf.d/rhui-lb.conf' ", "owner": "root", "path":
> "/etc/yum/pluginconf.d/rhui-lb.conf", "secontext":
> "system_u:object_r:etc_t:s0", "size": 74, "state": "file", "uid": 0}
> amazon-ebs: to retry, use: --limit
> @/workdir/Ansible/playbooks/common/Configure_Base_Linux.retry
> amazon-ebs:
> amazon-ebs: PLAY RECAP
> *
> amazon-ebs: default: ok=6changed=3
> unreachable=0failed=1
> amazon-ebs:
> ==> amazon-ebs: Terminating the source AWS instance...
> ==> amazon-ebs: Cleaning up any extra volumes...
> ==> amazon-ebs: No volumes to clean up, skipping
> ==> amazon-ebs: Deleting temporary security group...
> ==> amazon-ebs: Deleting temporary keypair...
> Build 'amazon-ebs' errored: Error executing Ansible: Non-zero exit status:
> exit status 2
>
>
>
>
>
>
>
> On Friday, February 22, 2019 at 3:28:09 PM UTC-8, Jason Yu wrote:
>>
>> Dear Ansible Gurus and friends:
>>
>> I have the following ansible script to remove the default AWS repos on an
>> new created RHEL ec2 instance from Packer.
>>
>> It works well untill the "Remove AWS RHUI repos" module. For some reason,
>> the priv
[ansible-project] Re: why i cannot remove this file /etc/yum.repos.d/redhat-rhui,repo even with the root permission.
Here is the output with --vvv option:
amazon-ebs: TASK [Remove AWS RHUI repos]
***
amazon-ebs: failed: [default] (item=/etc/yum.repos.d/redhat-rhui.repo)
=> {"changed": false, "gid": 0, "group": "root", "item":
"/etc/yum.repos.d/redhat-rhui.repo", "mode": "0644", "msg": "unlinking
failed: [Errno 13] Permission denied: '/etc/yum.repos.d/redhat-rhui.repo'
", "owner": "root", "path": "/etc/yum.repos.d/redhat-rhui.repo",
"secontext": "system_u:object_r:system_conf_t:s0", "size": 8679, "state":
"file", "uid": 0}
amazon-ebs: failed: [default]
(item=/etc/yum.repos.d/rhui-load-balancers.conf) => {"changed": false,
"gid": 0, "group": "root", "item":
"/etc/yum.repos.d/rhui-load-balancers.conf", "mode": "0644", "msg":
"unlinking failed: [Errno 13] Permission denied:
'/etc/yum.repos.d/rhui-load-balancers.conf' ", "owner": "root", "path":
"/etc/yum.repos.d/rhui-load-balancers.conf", "secontext":
"system_u:object_r:system_conf_t:s0", "size": 80, "state": "file", "uid": 0}
amazon-ebs: failed: [default]
(item=/etc/yum.repos.d/redhat-rhui-client-config.repo) => {"changed":
false, "gid": 0, "group": "root", "item":
"/etc/yum.repos.d/redhat-rhui-client-config.repo", "mode": "0644", "msg":
"unlinking failed: [Errno 13] Permission denied:
'/etc/yum.repos.d/redhat-rhui-client-config.repo' ", "owner": "root",
"path": "/etc/yum.repos.d/redhat-rhui-client-config.repo", "secontext":
"system_u:object_r:system_conf_t:s0", "size": 607, "state": "file", "uid":
0}
amazon-ebs: failed: [default]
(item=/etc/yum/pluginconf.d/amazon-id.conf) => {"changed": false, "gid": 0,
"group": "root", "item": "/etc/yum/pluginconf.d/amazon-id.conf", "mode":
"0644", "msg": "unlinking failed: [Errno 13] Permission denied:
'/etc/yum/pluginconf.d/amazon-id.conf' ", "owner": "root", "path":
"/etc/yum/pluginconf.d/amazon-id.conf", "secontext":
"system_u:object_r:etc_t:s0", "size": 17, "state": "file", "uid": 0}
amazon-ebs: failed: [default] (item=/etc/yum/pluginconf.d/rhui-lb.conf)
=> {"changed": false, "gid": 0, "group": "root", "item":
"/etc/yum/pluginconf.d/rhui-lb.conf", "mode": "0644", "msg": "unlinking
failed: [Errno 13] Permission denied: '/etc/yum/pluginconf.d/rhui-lb.conf'
", "owner": "root", "path": "/etc/yum/pluginconf.d/rhui-lb.conf",
"secontext": "system_u:object_r:etc_t:s0", "size": 74, "state": "file",
"uid": 0}
amazon-ebs: to retry, use: --limit
@/workdir/Ansible/playbooks/common/Configure_Base_Linux.retry
amazon-ebs:
amazon-ebs: PLAY RECAP
*
amazon-ebs: default: ok=6changed=3
unreachable=0failed=1
amazon-ebs:
==> amazon-ebs: Terminating the source AWS instance...
==> amazon-ebs: Cleaning up any extra volumes...
==> amazon-ebs: No volumes to clean up, skipping
==> amazon-ebs: Deleting temporary security group...
==> amazon-ebs: Deleting temporary keypair...
Build 'amazon-ebs' errored: Error executing Ansible: Non-zero exit status:
exit status 2
On Friday, February 22, 2019 at 3:28:09 PM UTC-8, Jason Yu wrote:
>
> Dear Ansible Gurus and friends:
>
> I have the following ansible script to remove the default AWS repos on an
> new created RHEL ec2 instance from Packer.
>
> It works well untill the "Remove AWS RHUI repos" module. For some reason,
> the privilege escalation doesn't work for this native file module. However,
> if I use the command module with a sudo command, it works fine as " sudo
> rm -rf /etc/yum.repos.d/redhat-rhui.repo"
>
> I could not figure out why it behaves like this. Could anyone help me with
> this ? I have been stucked here for a few days for deliver this Packer
> script with ansible calls.
>
>
>
>
> - name: Configure BASE Linux Servers
> hosts: linux
> gather_facts: tr
[ansible-project] why i cannot remove this file /etc/yum.repos.d/redhat-rhui,repo even with the root permission.
Dear Ansible Gurus and friends:
I have the following ansible script to remove the default AWS repos on an
new created RHEL ec2 instance from Packer.
It works well untill the "Remove AWS RHUI repos" module. For some reason,
the privilege escalation doesn't work for this native file module. However,
if I use the command module with a sudo command, it works fine as " sudo
rm -rf /etc/yum.repos.d/redhat-rhui.repo"
I could not figure out why it behaves like this. Could anyone help me with
this ? I have been stucked here for a few days for deliver this Packer
script with ansible calls.
- name: Configure BASE Linux Servers
hosts: linux
gather_facts: true
become: yes
become_user: root
become_method: su
pre_tasks:
- name: Debug
raw: sleep 1
- name: get the username running the deploy
become: false
local_action: command whoami
register: username_on_the_host
- debug: var=username_on_the_host
- name: Show /etc/ssh/sshd_config file content
command: sudo cat /etc/ssh/sshd_config
register: cat
become: yes
become_method: su
become_user: root
- debug: var=cat.stdout_lines
- name: Remove AWS RHUI repos
file:
path: "{{ item }}"
state: absent
force: yes
with_items:
- /etc/yum.repos.d/redhat-rhui.repo
- /etc/yum.repos.d/rhui-load-balancers.conf
- /etc/yum.repos.d/redhat-rhui-client-config.repo
- /etc/yum/pluginconf.d/amazon-id.conf
- /etc/yum/pluginconf.d/rhui-lb.conf
roles:
- { role: linux_common, tags: linux_common }
- { role: deep_security_agent, tags: deep_security_agent }
The error is like below:
amazon-ebs: TASK [Remove AWS RHUI repos]
***
amazon-ebs: failed: [default] (item=/etc/yum.repos.d/redhat-rhui.repo)
=> {"changed": false, "gid": 0, "group": "root", "item":
"/etc/yum.repos.d/redhat-rhui.repo", "mode": "0644", "msg": "unlinking
failed: *[Errno 13] **Permission denied:
'/etc/yum.repos.d/redhat-rhui.repo' ", *"owner": "root", "path":
"/etc/yum.repos.d/redhat-rhui.repo", "secontext":
"system_u:object_r:system_conf_t:s0", "size": 8679, "state": "file", "uid":
0}
amazon-ebs: failed: [default]
(item=/etc/yum.repos.d/rhui-load-balancers.conf) => {"changed": false,
"gid": 0, "group": "root", "item":
"/etc/yum.repos.d/rhui-load-balancers.conf", "mode": "0644", "msg":
"unlinking failed: [Errno 13] Permission denied:
'/etc/yum.repos.d/rhui-load-balancers.conf' ", "owner": "root", "path":
"/etc/yum.repos.d/rhui-load-balancers.conf", "secontext":
"system_u:object_r:system_conf_t:s0", "size": 80, "state": "file", "uid": 0}
amazon-ebs: failed: [default]
(item=/etc/yum.repos.d/redhat-rhui-client-config.repo) => {"changed":
false, "gid": 0, "group": "root", "item":
"/etc/yum.repos.d/redhat-rhui-client-config.repo", "mode": "0644", "msg":
"unlinking failed: [Errno 13] Permission denied:
'/etc/yum.repos.d/redhat-rhui-client-config.repo' ", "owner": "root",
"path": "/etc/yum.repos.d/redhat-rhui-client-config.repo", "secontext":
"system_u:object_r:system_conf_t:s0", "size": 607, "state": "file", "uid":
0}
amazon-ebs: failed: [default]
(item=/etc/yum/pluginconf.d/amazon-id.conf) => {"changed": false, "gid": 0,
"group": "root", "item": "/etc/yum/pluginconf.d/amazon-id.conf", "mode":
"0644", "msg": "unlinking failed: [Errno 13] Permission denied:
'/etc/yum/pluginconf.d/amazon-id.conf' ", "owner": "root", "path":
"/etc/yum/pluginconf.d/amazon-id.conf", "secontext":
"system_u:object_r:etc_t:s0", "size": 17, "state": "file", "uid": 0}
amazon-ebs: failed: [default] (item=/etc/yum/pluginconf.d/rhui-lb.conf)
=> {"changed": false, "gid": 0, "group": "root", "item":
"/etc/yum/pluginconf.d/rhui-lb.conf", "mode": "0644", "msg": "unlinking
failed: [Errno 13] Permission denied: '/etc/yum/pluginconf.d/rhui-lb.conf'
", "owner": "root", "path": "/etc/yum/pluginconf.d/rhui-lb.conf",
"secontext": "system_u:object_r:etc_t:s0", "size": 74, "state": "file",
"uid": 0}
amazon-ebs: to retry, use: --limit
@/workdir/Ansible/playbooks/common/Configure_Base_Linux.retry
amazon-ebs:
amazon-ebs: PLAY RECAP
*
amazon-ebs: default: ok=6changed=3
unreachable=0failed=1
amazon-ebs:
==> amazon-ebs: Terminating the source AWS instance...
==> amazon-ebs: Cleaning up any extra volumes...
==> amazon-ebs: No volumes to clean up, skipping
==> amazon-ebs: Deleting temporary security group...
==> amazon-ebs: Deleting temporary keypair...
Build 'amazon-ebs' errored: Error executing Ansible: Non-zero exit status:
exit status 2
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
[ansible-project] ERROR! Problem running vault password script /root/.vault_pass ([Errno 8] Exec format error). If this is not a script, remove the executable bit from the file
I got the following error when I ran an ansible script from a docker container. It looks like the executable bit needs to be reset. I am using docker for windows which is running on my windows 10 desktop. Could anyone help me with it ? amazon-ebs: Running local shell script: /tmp/packer-shell828359150 amazon-ebs: [WARNING]: Error in vault password file loading (default): Problem running amazon-ebs: vault password script /root/.vault_pass ([Errno 8] Exec format error). If this amazon-ebs: is not a script, remove the executable bit from the file. amazon-ebs: ERROR! Problem running vault password script /root/.vault_pass ([Errno 8] Exec format error). If this is not a script, remove the executable bit from the file. ==> amazon-ebs: Terminating the source AWS instance... ==> amazon-ebs: Cleaning up any extra volumes... ==> amazon-ebs: No volumes to clean up, skipping ==> amazon-ebs: Deleting temporary security group... ==> amazon-ebs: Deleting temporary keypair... -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/61adcabf-c169-421f-a78c-eb1e5508db95%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
