iisue when evaluating a complex var in become
39 views
Skip to first unread message
Mike C
Dec 13, 2017, 6:55:33 AM12/13/17
to Ansible Project
Hi all,
im trying to use a 'complex' expression to evaluate if a task should run as root or not.
Here is what i have defined:
```
debian_based_system: ansible_os_family == 'Debian' or ansible_os_family == 'Linuxmint'
```
My tasks look like this
```
- debug: var=ansible_os_family
- debug: var={{ debian_based_system }}
- debug: var=debian_based_system
- shell: echo $EUID
args:
executable: /bin/bash
become: "{{ debian_based_system }}"
- shell: echo $EUID
args:
executable: /bin/bash
become: true
- shell: echo $EUID
args:
executable: /bin/bash
become: debian_based_system
```
and when i run them, i get
```
TASK [test : debug] *********************************************************************************************************************************************************************************************************************************************************
ok: [localhost] => {
"ansible_os_family": "Linuxmint"
}
TASK [test : debug] *********************************************************************************************************************************************************************************************************************************************************
ok: [localhost] => {
"ansible_os_family == 'Debian' or ansible_os_family == 'Linuxmint'": true
}
TASK [test : debug] *********************************************************************************************************************************************************************************************************************************************************
ok: [localhost] => {
"debian_based_system": "ansible_os_family == 'Debian' or ansible_os_family == 'Linuxmint'"
}
TASK [test : command] *******************************************************************************************************************************************************************************************************************************************************
changed: [localhost] => {"changed": true, "cmd": "echo $EUID", "delta": "0:00:00.003180", "end": "2017-12-13 11:48:16.830302", "rc": 0, "start": "2017-12-13 11:48:16.827122", "stderr": "", "stderr_lines": [], "stdout": "1000", "stdout_lines": ["1000"]}
TASK [test : command] *******************************************************************************************************************************************************************************************************************************************************
changed: [localhost] => {"changed": true, "cmd": "echo $EUID", "delta": "0:00:00.002833", "end": "2017-12-13 11:48:16.988274", "rc": 0, "start": "2017-12-13 11:48:16.985441", "stderr": "", "stderr_lines": [], "stdout": "0", "stdout_lines": ["0"]}
TASK [test : command] *******************************************************************************************************************************************************************************************************************************************************
changed: [localhost] => {"changed": true, "cmd": "echo $EUID", "delta": "0:00:00.002869", "end": "2017-12-13 11:48:17.143074", "rc": 0, "start": "2017-12-13 11:48:17.140205", "stderr": "", "stderr_lines": [], "stdout": "1000", "stdout_lines": ["1000"]}
```
which means that only `become: true` gave my task sudo access (and not any of the other two).
If i change the definition to `debian_based_system: '{{ ansible_os_family == "Debian" or ansible_os_family == "Linuxmint" }}'`, then i get correct results for the first two shell tasks but i also get a warning about using {{ }} in when statements.
```
TASK [test : debug] *********************************************************************************************************************************************************************************************************************************************************
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: {{ ansible_os_family == "Debian" or ansible_os_family == "Linuxmint" }}
ok: [localhost] => {
"ansible_os_family": "Linuxmint"
}
TASK [test : debug] *********************************************************************************************************************************************************************************************************************************************************
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: {{ ansible_os_family == "Debian" or ansible_os_family == "Linuxmint" }}
ok: [localhost] => {
"true": "VARIABLE IS NOT DEFINED!"
}
TASK [test : debug] *********************************************************************************************************************************************************************************************************************************************************
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: {{ ansible_os_family == "Debian" or ansible_os_family == "Linuxmint" }}
ok: [localhost] => {
"debian_based_system": true
}
TASK [test : command] *******************************************************************************************************************************************************************************************************************************************************
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: {{ ansible_os_family == "Debian" or ansible_os_family == "Linuxmint" }}
changed: [localhost] => {"changed": true, "cmd": "echo $EUID", "delta": "0:00:00.002737", "end": "2017-12-13 11:51:29.057079", "rc": 0, "start": "2017-12-13 11:51:29.054342", "stderr": "", "stderr_lines": [], "stdout": "0", "stdout_lines": ["0"]}
TASK [test : command] *******************************************************************************************************************************************************************************************************************************************************
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: {{ ansible_os_family == "Debian" or ansible_os_family == "Linuxmint" }}
changed: [localhost] => {"changed": true, "cmd": "echo $EUID", "delta": "0:00:00.003077", "end": "2017-12-13 11:51:29.227123", "rc": 0, "start": "2017-12-13 11:51:29.224046", "stderr": "", "stderr_lines": [], "stdout": "0", "stdout_lines": ["0"]}
TASK [test : command] *******************************************************************************************************************************************************************************************************************************************************
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: {{ ansible_os_family == "Debian" or ansible_os_family == "Linuxmint" }}
changed: [localhost] => {"changed": true, "cmd": "echo $EUID", "delta": "0:00:00.003351", "end": "2017-12-13 11:51:29.386325", "rc": 0, "start": "2017-12-13 11:51:29.382974", "stderr": "", "stderr_lines": [], "stdout": "1000", "stdout_lines": ["1000"]}
```
What is the correct way to define this so that it works and i dont get the warning ?
Cheers,
Mike
```
$ ansible --version
ansible 2.3.1.0
config file =
configured module search path = Default w/o overrides
python version = 2.7.12 (default, Nov 20 2017, 18:23:56) [GCC 5.4.0 20160609]
```
Mike C
Dec 18, 2017, 7:12:53 AM12/18/17
to Ansible Project
bump
Kai Stian Olstad
Dec 19, 2017, 1:05:50 AM12/19/17
to ansible...@googlegroups.com
On 13.12.2017 12:55, Mike C wrote:
> Hi all,
>
> im trying to use a 'complex' expression to evaluate if a task should
> run as
> root or not.
>
> Here is what i have defined:
>
> ```
> debian_based_system: ansible_os_family == 'Debian' or ansible_os_family
> ==
> 'Linuxmint'
> ```
You don't say where you define this, but debian_based_system is
> Hi all,
>
> im trying to use a 'complex' expression to evaluate if a task should
> run as
> root or not.
>
> Here is what i have defined:
>
> ```
> debian_based_system: ansible_os_family == 'Debian' or ansible_os_family
> ==
> 'Linuxmint'
> ```
literally equal to the string
ansible_os_family == 'Debian' or ansible_os_family == 'Linuxmint'
I thing you are trying to make debian_based_system true or false, to do
this you need to enclose them in expression syntax {{ }}
ansible_os_family == "{{ 'Debian' or ansible_os_family == 'Linuxmint'
}}"
Kai Stian Olstad
Mike C
Dec 20, 2017, 6:21:22 AM12/20/17
to Ansible Project
Thanks for the reply.
> You don't say where you define this
I define this in `defaults/main.yml`. I didnt mention it as im not sure how that could make a difference.
> I thing you are trying to make debian_based_system true or false, to do
> this you need to enclose them in expression syntax {{ }}
> ansible_os_family == "{{ 'Debian' or ansible_os_family == 'Linuxmint'
}}"
> this you need to enclose them in expression syntax {{ }}
> ansible_os_family == "{{ 'Debian' or ansible_os_family == 'Linuxmint'
}}"
im failing to see how what you are suggesting is different to what i've mentioned already with:
> If i change the definition to `debian_based_system: '{{ ansible_os_family == "Debian" or ansible_os_family == "Linuxmint" }}'`,
This gives me a warning 'when statements should not include jinja2 templating delimiters'
Cheers,
Mike
Mike C
Dec 20, 2017, 7:30:40 AM12/20/17
to Ansible Project
I think this is fixed with https://github.com/ansible/ansible/pull/25092, so ill ignore the warnings for now and then fix them when i update ansible version.
Reply all
Reply to author
Forward
0 new messages