need to replace a line in config file

visar

unread,

Nov 5, 2018, 1:21:17 AM11/5/18

to Ansible Project

Hi Experts,

Please help me with your guidance here.

I want to comment a line in one config file and need to uncomment the other lline using ansible.

My file content as below.

________________________________________________________________________________________________________________________

<include location="conf/basicUserRegistry.xml"/> -------------------------this i want to comment

--------------------------- this line i want to uncomment

__________________________________________________________________________________________________________________________

I tried with the below play book and its not showing any error even though its not changing any changes to the file.

---------------------------------------------------------------------------------------------------------------------------------------------------

- name: enable LDAP

hosts: localhost

tasks:

- name: disbale basic user-registry

lineinfile:

path: /opt/IBM/605CLM/JazzTeamServer/server/liberty/servers/clm/server.xml

regexp: '^\s*<include location="conf/basicUserRegistry.xml">.*$'

line: ';'

backrefs: yes

become: true

-----------------------------------------------------------------------------------------------------------------------------------------------------------

---

- name: enable LDAP USER_REGISTRY

hosts: localhost

tasks:

lineinfile:

dest: /opt/IBM/605CLM/JazzTeamServer/server/liberty/servers/clm/server.xml

regexp: '^(.*)(.*)$'

line: '<include location="conf/ldapUserRegistry.xml">;'

backrefs: yes

_____________________________________________________________________________________________________________

Output:

PLAY [enable LDAP] ******************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************

ok: [localhost]

TASK [disbale basic user-registry] **************************************************************************************************************************

ok: [localhost]

PLAY RECAP **************************************************************************************************************************************************

localhost : ok=2 changed=0 unreachable=0 failed=0

visar

unread,

Nov 5, 2018, 6:34:34 AM11/5/18

to Ansible Project

Hi Experts,

Any suggestion here ?

Dick Visser

unread,

Nov 5, 2018, 8:50:52 AM11/5/18

to ansible...@googlegroups.com

Hi

I would not use lineinfile and regular expressions to manipulate XML.
You might get it to work, but it will be very fragile.
Instead have a look at the xml module, which (if you can get it to
work) will be more robust:

https://docs.ansible.com/ansible/2.4/xml_module.html

Dick

> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0f7ae057-ba2d-44e1-aaba-29b802acfca7%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

Kai Stian Olstad

unread,

Nov 5, 2018, 8:56:25 AM11/5/18

to ansible...@googlegroups.com

On 05.11.2018 12:34, visar wrote:
> Hi Experts,
>
> Any suggestion here ?

People do work in different timezone and/or are busy so you cant expect
an answer one the hour.

> On Monday, November 5, 2018 at 11:51:17 AM UTC+5:30, visar wrote:
>>
>> My file content as below.
>>
>> ________________________________________________________________________________________________________________________
>>
>> <include location="conf/basicUserRegistry.xml"/>
>> -------------------------this i want to
>> comment
>> 
>> --------------------------- this line i want
>> to
>> uncomment
>>
>>
>> __________________________________________________________________________________________________________________________
>>

Note the / on the end.

Both of you regexp is missing a / at the end

--
Kai Stian Olstad

visar

unread,

Nov 5, 2018, 9:45:16 AM11/5/18

to Ansible Project

Hello Kai,

Thanks a lot for your gudance here. Its really appreciated.

I am very new to ansible and thought like this is a normal task already done by experts like you and was eager to get a reply on that..

Here i just gone through the xml module and couldnt dfind any information to replace lines as we seen in the lineinfile module. Please correct me if i missed any..

Dick Visser

unread,

Nov 5, 2018, 10:46:40 AM11/5/18

to ansible...@googlegroups.com

On Mon, 5 Nov 2018 at 15:45, visar <vivu...@gmail.com> wrote:
>
> Hello Kai,
>
> Thanks a lot for your gudance here. Its really appreciated.
>
> I am very new to ansible and thought like this is a normal task already done by experts like you and was eager to get a reply on that..
>
> Here i just gone through the xml module and couldnt dfind any information to replace lines as we seen in the lineinfile module. Please correct me if i missed any..

Hi Visar

Correct.
The point I was trying to make is that using string manipulation to
edit an XML configuration file might not be the best way to go about
it.
A regular expression might work - until it doesn't. For instance when
the content is split over lines, uses inconsistent spacing, the regex
eats multiple instances which you didn't want, etc.
The XML module does not "replace lines" , but will operate on the
actual XML elements, which is more robust.

For this to work you need to know the structure of the XML - can you
supply the server.xml?

Thanks

Dick

visar

unread,

Nov 5, 2018, 10:58:57 AM11/5/18

to Ansible Project

Hello kai,

This is the xml file , where i want to enable Ldap user registry and disable basic local registry using ansible

____________________________________________________________________________________________________

<!--

Licensed Materials - Property of IBM

Note to U.S. Government Users Restricted Rights:

Use, duplication or disclosure restricted by GSA ADP Schedule

Contract with IBM Corp.

-->

<feature>monitor-1.0</feature>

<feature>servlet-3.0</feature>

<feature>appSecurity-2.0</feature>

<feature>adminCenter-1.0</feature>

</featureManager>

<httpEndpoint id="defaultHttpEndpoint"

host="*"

httpPort="9080"

httpsPort="9443" />

<!-- The deferServletLoad attribute value can be changed to "false" to force all applications

to load on startup, instead of when they are first accessed -->

<!-- Edit the following, after setting up the user registry,

to define the user(s) and/or group(s) that can perform Liberty server administration

(e.g. access the Admin Center) -->

<administrator-role>

<user>ADMIN</user>

<group>JazzAdmins</group>

<group>vwjazzadmin</group>

</administrator-role>

<writeDir>${server.config.dir}</writeDir>

</remoteFileAccess>

</server>

Dick Visser

unread,

Nov 5, 2018, 1:54:26 PM11/5/18

to ansible...@googlegroups.com

On Mon, 5 Nov 2018 at 16:59, visar <vivu...@gmail.com> wrote:
>
> Hello kai,
>
> This is the xml file , where i want to enable Ldap user registry and disable basic local registry using ansible

Your XML file actually has multiple include locations, so you'd have
to loop through them.
Since this is the case, you also need to make sure there are no
additional include locations.
Something like this should do the trick:

vars:
locations:
- conf/ldapUserRegistry.xml
- conf/application.xml

tasks:
- name: Ensure locations are configured
xml:
path: server.xml
xpath: "/server/include[{{ i + 1 }}]"
attribute: location
value: "{{ item }}"
loop: "{{ locations }}"
loop_control:
index_var: i

- name: Ensure no other locations are configured
xml:
path: server.xml
xpath: "/server/include[position()>{{ (locations | length) }}]"
state: absent

--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
T: +31205304488
PGP key fingerprint: F575 58C6 62C6 FD5B A9CD 217C 2667 13D4 E6EF 488D
GÉANT Vereniging (Association) is registered with the Chamber of
Commerce in Amsterdam with registration number 40535155 and operates
in the UK as a branch of GÉANT Vereniging. Registered office:
Hoekenrode 3, 1102 BR Amsterdam, The Netherlands. UK branch address:
City House, 126-130 Hills Road, Cambridge CB2 1PQ, UK.

visar

unread,

Nov 9, 2018, 7:27:05 AM11/9/18

to Ansible Project

Hello Visser,

Appreciate your time for checking this.

Here i am little confused that,

Here I just want to modify the server.xml file only.

(comment basicuserregistry.xml and uncomment ldapuseruserregistry.xml file).

Both the files are already present there in the defined location already, but just want to edit the server.xml file to comment and uncomment..

visar

unread,

Nov 12, 2018, 9:53:56 AM11/12/18

to Ansible Project

I tried with below play book but its not changing anything but playbook is running without any issues.

- name: LDAP Settings
 hosts: myserver
 vars:
   mark_1: 'include location="conf/basicUserRegistry.xml"/'
   mark_2: 'include location="conf/ldapUserRegistry.xml"/'
 tasks:
    - replace:
       path: /opt/IBM/server/liberty/servers/clm/server.xml
       regexp: "^<!--{{ mark_2 }}-->"
       replace: "<{{ mark_2 }}>"
    - replace:
       path: /opt/IBM/server/liberty/servers/clm/server.xml
       regexp: "^<{{ mark_1 }}>"
       replace: "<!--{{ mark_1 }}-->"
       backup: yes'

Dick Visser

unread,

Nov 12, 2018, 11:14:32 AM11/12/18

to ansible...@googlegroups.com

On Fri, 9 Nov 2018 at 13:27, visar <vivu...@gmail.com> wrote:
>
> Hello Visser,
>
> Appreciate your time for checking this.
>
> Here i am little confused that,
>
> Here I just want to modify the server.xml file only.
> (comment basicuserregistry.xml and uncomment ldapuseruserregistry.xml file).
>
> Both the files are already present there in the defined location already, but just want to edit the server.xml file to comment and uncomment..

It would rather see the appreciation for my time by trying out the
playbook that I sent.
Because there is a very good chance that it will solve your problem.
Please let me know how it went.

Dick

visar

unread,

Nov 12, 2018, 12:23:39 PM11/12/18

to Ansible Project

Hello Dick,

Yes, You are right that the given play is working .

The playbook is making changes on the xml file, but not as expected. Its making double entry for same ldap settings. one is commented another is uncommented.

But here I want a result like comment only the basic user registry line and uncomment ldap line

here the basic registry line itself got removed..

visar

unread,

Nov 12, 2018, 12:32:06 PM11/12/18

to Ansible Project

Hello Dick,

Now this is the output.

<!-- The deferServletLoad attribute value can be changed to "false" to force all applications

to load on startup, instead of when they are first accessed -->

Here ldapUserRegistry line is repeating twice where one should be basicUserRegistry xml file which should be commented..

Thanks in advance for your help here

Dick Visser

unread,

Nov 12, 2018, 1:06:14 PM11/12/18

to ansible...@googlegroups.com

Hi Visar

You keep thinking in terms of "commenting out lines" in your XML
configuration file.
But what you really want (although you might not realise it), is to
configure your application server the right way.
This playbook does exactly that.
Ignore what is commented out - like your application server does.

At this moment you're all set!

Dick

> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.

> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/27f3060b-739c-4b4a-839f-c6b1f7727f4c%40googlegroups.com.

vivek vijayan

unread,

Nov 12, 2018, 2:16:38 PM11/12/18

to ansible...@googlegroups.com

Hi Dick,

By editing this configuration xml file I am disabling the default basicregistry file user authentication which is local and I am enabling the LDAP setting by commenting out. Once the LDAP line got uncommented I have my own LDAP settings in the ldapuser registry file. Also in some situations where LDAP is not working I want to use the default basic user registry as well.

That's why I am looking for enabling LDAP file and disabling basicregistry file here.

In the given playbook ldapuser registry is enabled and disabled in different lines as I given in prevy example

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwPVx2HeW1RHw32cXmhvJ55pjZwceeL5_ueXNHZtmras7w%40mail.gmail.com.

Dick Visser

unread,

Nov 13, 2018, 6:17:35 AM11/13/18

to ansible...@googlegroups.com

Hi Vivek

It seems that the basics of XML and system configuration are not clear.
There is no use in continuing this conversation for me.

Regards

Dick

> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAJztPtRnpVx0K7s8FyL5c1wCsbt%2BXwE%3D9rbgqHtW_6LMbztRWQ%40mail.gmail.com.

visar

unread,

Nov 13, 2018, 7:23:45 AM11/13/18

to Ansible Project

Hello Visser,

I am sorry if i couldn't explain you the way which i was looking for here.

Please find the default server.xml file which is by default pointing to the "basicUserRegistry.xml" file located in applications conf directory. Here in order to proceed further installation step of our application, we have to enable "ldapUserRegistry.xml" file in the same directory. Because we cant proceed the further steps with "basicUserRegistry" user. We have already "ldapUserRegistry.xml" file edited with our domain properties and it will be replaced by another play book in the same applications conf directory.

Now our requirement is to just enable the "ldapUserRegistry.xml" file and disable "basicUserRegistry.xml" ( We dont want to remove this parameter because in some troubleshooting scenarios, we can authenticate the application with basic user registry and check the things, where ldapuser is failing)

here nothing else we want to modify in this file as mistake in this file modification will result the application down..

__________________________________________________

<!-- The deferServletLoad attribute value can be changed to "false" to force all applications

to load on startup, instead of when they are first accessed -->

<!-- Edit the following, after setting up the user registry,

to define the user(s) and/or group(s) that can perform Liberty server administration

(e.g. access the Admin Center) -->

<administrator-role>

<user>ADMIN</user>

<group>JazzAdmins</group>

</administrator-role>

<writeDir>${server.config.dir}</writeDir>

</remoteFileAccess>

</server>

_______________________________________________________________________________________

I tried with your playbook and its result was not as we expected.. Its making two entries for same "ldapUserRegistry.xml" file (one is commented and another is uncommented), and removed the "basicUserRegistry.xml" file paramter itself.

This was the result of the given playbook in server.xml file.

-----------------------------------------------------------------------

-->

<feature>monitor-1.0</feature>

<feature>servlet-3.0</feature>

<feature>appSecurity-2.0</feature>

<feature>adminCenter-1.0</feature>

</featureManager>

<httpEndpoint id="defaultHttpEndpoint"

host="*"

httpPort="9080"

httpsPort="9443" />

<!-- The deferServletLoad attribute value can be changed to "false" to force all applications

to load on startup, instead of when they are first accessed -->

<!-- Edit the following, after setting up the user registry,

to define the user(s) and/or group(s) that can perform Liberty server administration

(e.g. access the Admin Center) -->

<administrator-role>

<user>ADMIN</user>

<group>JazzAdmins</group>

</administrator-role>

<writeDir>${server.config.dir}</writeDir>

</remoteFileAccess>

</server>

-------------------------------------------------------------------------

Maria MacCallum

unread,

Nov 13, 2018, 11:23:33 AM11/13/18

to Ansible Project

Dear Visar,

By no means am I an ansible expert but I thought of 2 ideas around the problem for you:

1) Have 2 files on the server you can copy between the 2 files to be the 'active' file using ansible, one with the commented out section, one with it active

- When you have changes to make to the xml file use ansible to copy the new ones to the server

2) If you are using unix, you can use shell to use sed to search and replace.

Hope this helps in the interim while you find a proper ansible solution to your problem

Regards, Maria

vivek vijayan

unread,

Nov 13, 2018, 12:31:30 PM11/13/18

to ansible...@googlegroups.com

Thanks Maria,

I will check for that. Do u have any scenario like where you could modify the xml file with see command and how we can automate this using ansible..

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ae990a2d-84ca-42be-9793-88056d60687a%40googlegroups.com.

Maria MacCallum

unread,

Nov 14, 2018, 5:00:19 AM11/14/18

to Ansible Project

Hello,

Here's a cobbled together example from a script of mine, sed uses regular expressions but can be slightly different how it works depending on your 'nix 'flavour', this comments out a specific line:

sed -e "s/\<name\>pkg:\/\/puppetlabs\.com\/puppet-agent\<\/name\>/\<\!-- \<name\>pkg:\/system\/management\/puppet\<\/name\> --\>/" TEMPLATE-FILENAME > FINAL-FILENAME

If I break it down a bit:

sed -e "s

# 1st forward slash means the search field is next

/

# have to escape lots of chars with backslashes

\<name\>pkg:\/\/puppetlabs\.com\/puppet-agent\<\/name\>

# next forward slash is for the replace field

/

\<\!-- \<name\>pkg:\/system\/management\/puppet\<\/name\> --\>

# ends with a forward slash and quotes

/"

# Then the source filename comes next

TEMPLATE-FILENAME

# then however your shell can pipe to a new file

>

# Then your final filename

FINAL-FILENAME

Do lots of local testing 1st!!!

Regards, Maria

On Monday, 5 November 2018 06:21:17 UTC, visar wrote:

visar

unread,

Nov 15, 2018, 3:44:57 AM11/15/18

to Ansible Project

Thanks Maria,

I will make a try on this. Really appreciate your help here

Reply all

Reply to author

Forward