Issue with script not working on Windows/Cygwin

25 views
Skip to first unread message

lpesc...@google.com

unread,
Mar 13, 2018, 4:27:24 PM3/13/18
to Ansible Project
Hi, all.
I have an issue with a certain script (permissions) whilst using ansible. 
First of all, I have one script that does work:

#!/bin/bash

set -xe

chmod 660 /etc/rsyncd.secrets
mkpasswd > /etc/passwd
sed -i 's/^YRunner/yrunner/' /etc/passwd

I run it with this command set in the playbook:

- name: Run chmod script
  win_command: 'cmd.exe /c "start C:\cygwin\bin\bash.exe /cygdrive/c/TEMP/chmod1.sh"'
  become: yes
  become_method: runas
  become_user: SYSTEM

And the expected result is achieved:

$ stat /etc/rsyncd.secrets
  File: /etc/rsyncd.secrets
  Size: 17              Blocks: 1          IO Block: 65536  regular file
Device: d22da4adh/3526206637d   Inode: 9288674231979766  Links: 1
Access: (0660/-rw-rw----)  Uid: (  544/Administrators)   Gid: (197121/    None)
Access: 2018-03-13 08:26:32.696649400 -0700
Modify: 2018-03-13 08:26:31.182425000 -0700
Change: 2018-03-13 13:14:37.662372900 -0700
 Birth: 2018-03-13 08:26:32.696649400 -0700

However, when I run THIS script:

#!/bin/bash

set -xe

chmod 700 -R ~/.ssh
chmod 700 -R /home/YRunner
chown yrunner -R /home/YRunner
chmod 600 -R ~/.ssh/authorized_keys

With this command set in the playbook:

- name: Run chmod script 2
  win_command: 'cmd.exe /c "start C:\cygwin\bin\bash.exe /cygdrive/c/TEMP/chmod2.sh"'
  become: yes
  become_method: runas
  become_user: SYSTEM

I do NOT get the expected result:

$ stat ~/.ssh
  File: /home/YRunner/.ssh
  Size: 0               Blocks: 0          IO Block: 65536  directory
Device: d22da4adh/3526206637d   Inode: 8162774325137173  Links: 1
Access: (0777/drwxrwxrwx)  Uid: (197609/ YRunner)   Gid: (197121/    None)
Access: 2018-03-13 08:32:35.164358900 -0700
Modify: 2018-03-13 08:32:35.164358900 -0700
Change: 2018-03-13 13:24:24.376928300 -0700
 Birth: 2018-03-13 08:27:52.540239800 -0700

But, when I run this script as admin from cygwin, it works.

$ ./chmod2.sh
+ chmod 700 -R /home/YRunner/.ssh
+ chmod 700 -R /home/YRunner
+ chown yrunner -R /home/YRunner
+ chmod 600 -R /home/YRunner/.ssh/authorized_keys

YRunner@YRUNNERW-01 /cygdrive/c/TEMP
$ stat ~/.ssh
  File: /home/YRunner/.ssh
  Size: 0               Blocks: 0          IO Block: 65536  directory
Device: d22da4adh/3526206637d   Inode: 8162774325137173  Links: 1
Access: (0700/drwx------)  Uid: (197609/ YRunner)   Gid: (197121/    None)
Access: 2018-03-13 08:32:35.164358900 -0700
Modify: 2018-03-13 08:32:35.164358900 -0700
Change: 2018-03-13 13:25:32.829368400 -0700
 Birth: 2018-03-13 08:27:52.540239800 -0700

The difference I see is that the Uid on the working script is Administrator, while the non-working script Uid is YRunner (my user).

What am I doing wrong? Can I adjust my script in any way to make these mods happen?

Jordan Borean

unread,
Mar 13, 2018, 4:54:52 PM3/13/18
to Ansible Project
I can't say why it isn't working as most of the time I avoid Cygwin due to issues like these. One thing you should look into is changing your win_command tasks from

- win_command: cmd.exe /c "start something.exe"

to just

- win_command: something.exe

For example your 2nd task would look like

- name: Run chmod script 2

  win_command: C:\cygwin\bin\bash.exe /cygdrive/c/TEMP/chmod2.sh

What you are effectively doing in your examples, is starting a new cmd process (cmd.exe) and then getting that to start another executable (C:\cygwin\bin\bash.exe), there is no point in this as win_command is designed to run executables and all you are doing is adding another layer that could be causing trouble.

As for the issue itself, I would think it could be that you are running it as the SYSTEM account and from a cygwin user permissions perspective it is unable to access the home directory for YRunner. While SYSTEM pretty much has full rights in Windows, I'm unsure how that translates to Cygwin and to me seems to be the reason why it may be failing.

Thanks

Jordan

lpesc...@google.com

unread,
Mar 14, 2018, 1:31:35 PM3/14/18
to Ansible Project
Hi Jordan, Thanks for your help. 
I tried running the commands the way you said, but they do not work for me without the cmd.exe /c start portions. 
Anyway, I got this to work. The way I did it was make a win_acl play, give the C:\cygwin folder full control to everyone, and then run the scripts I posted. 
It works great!
Just wanted to post that so someone else might learn from my mistakes.

Peace: Larry

Jordan Borean

unread,
Mar 14, 2018, 4:37:14 PM3/14/18
to Ansible Project
Weird, maybe cygwin's bash.exe relies on being part of the cmd shell to work (another reason why cygwin is quite painful). Glad you got it working though.

Thanks

Jordan

lpesc...@google.com

unread,
Mar 14, 2018, 4:51:59 PM3/14/18
to Ansible Project
Cygwin is a real PITA in relation to windows permissions. I hate it. But, it's doable. 


On Tuesday, March 13, 2018 at 1:27:24 PM UTC-7, lpesc...@google.com wrote:
Reply all
Reply to author
Forward
0 new messages