Custom facts that require sudo
249 views
Skip to first unread message
ProfHase
Sep 10, 2014, 12:08:48 PM9/10/14
to ansible...@googlegroups.com
I ' ve written some custom facts that require sudo to be executed (Those are scripts that parse some files in /etc/) .
My custom facts scripts are of course not executed when ansible is gathering facts. On the other hand I need the facts gathered as ansible user.
My workaround for this is now:
Is there a feature to cover this problem? Maybe some way to tell ansible to complete nonsudo facts by sudo facts?
Thanks
My custom facts scripts are of course not executed when ansible is gathering facts. On the other hand I need the facts gathered as ansible user.
My workaround for this is now:
- name: retrieve nonsudo facts
setup:
register: nsfacts
- name: retr. sudo facts
setup:
sudo: yes
Is there a feature to cover this problem? Maybe some way to tell ansible to complete nonsudo facts by sudo facts?
Thanks
Michael DeHaan
Sep 10, 2014, 12:22:23 PM9/10/14
to ansible...@googlegroups.com
"My custom facts scripts are of course not executed when ansible is gathering facts. "
I'm confused about this, do you mean "facts.d" facts?
If you are writing local facts they would in fact be gathered when you are gathering facts.
It seems you might be calling your own facts module and named it "setup", which you should not do, really, but I'm unclear if you did.
You can also set "sudo: True" at play level.
It may be that you want to write a "my_facts" module instead, unless you have a specific need for facts.d.
Let me know a bit more info and we'll get closer to the answer.
Thanks!
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/bdf5c95e-65ae-4bfc-ab6b-cada3d54c138%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
ProfHase
Sep 10, 2014, 12:54:30 PM9/10/14
to ansible...@googlegroups.com
Sorry for the confusion.
I got a custom fact script on the remote machine.
which looks like this:
'
I got a custom fact script on the remote machine.
/etc/ansible/facts.d/node_guid.factwhich looks like this:
#! /usr/bin/env python
import sys
import json
def get_prop(line):
return line.split("=")[1].strip()
try:
f = open('/etc/zypp/credentials.d/NCCcredentials')
except IOError:
print("{}")
sys.exit(0)
context = {}
keys = ['username']
for line in f:
for key in keys:
if line.startswith(key):
context[key] = get_prop(line)
print json.dumps(context)
sys.exit(0)
'
/etc/zypp/credentials.d/NCCcredentials' is set readable only for root. Therefore 'node_guid.fact' only returns facts as sudo. Which is the reason why I call the setup module with `sudo:yes`Michael DeHaan
Sep 11, 2014, 10:16:30 AM9/11/14
to ansible...@googlegroups.com
Yeah that seems fine.
You will want to turn off "gather_facts" and call it explicitly.
What you are doing with site facts is a little weird, most folks would probably do a fact module and rather than calling it twice, split different things into different modules.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d8c410ce-bbdf-49c6-bce5-ccaaf712405d%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages