Tricky shell syntax error
2,083 views
Skip to first unread message
Steven Haddox
Nov 29, 2013, 6:27:46 PM11/29/13
to ansible...@googlegroups.com
I'm trying to run a task that invokes bash as part of the task. The command works directly from the user's command line on the box but fails when run via Ansible:
Here's the task that's running:
- name: Install User RVM via RVM::FW
when: rvm_fw == True and rvm_version.rc != 0
shell: \bash < <( curl {{rvm_fw_url}}/releases/rvm-install-latest )
register: rvm_install
failed_when: rvm_install.rc != 0
And the resulting output:
TASK: [ruby | Install User RVM via RVM::FW] ***********************************
failed: [33.33.33.10] => {"changed": true, "cmd": "\\bash < <( curl http://rvm-fw.herokuapp.com/releases/rvm-install-latest ) ", "delta": "0:00:00.002708", "end": "2013-11-29 18:23:45.768494", "failed": true, "failed_when_result": true, "item": "", "rc": 2, "start": "2013-11-29 18:23:45.765786", "stdout_lines": []}
stderr: /bin/sh: -c: line 0: syntax error near unexpected token `<'
/bin/sh: -c: line 0: `\bash < <( curl http://rvm-fw.herokuapp.com/releases/rvm-install-latest ) '
Any ideas on how to tweak this line so that Ansible's shell module will pass it through properly?
Ansible version is 1.4.0 currently.
Thanks for everyone's help as always,
Steven
Steven Haddox
Nov 29, 2013, 6:29:39 PM11/29/13
to ansible...@googlegroups.com
Sorry, the shell action line should read:
shell: bash < <( curl {{rvm_fw_url}}/releases/rvm-install-latest )
I tried to escape it as a debug measure with no success.
Thanks!
Michel Blanc
Nov 29, 2013, 6:53:56 PM11/29/13
to ansible...@googlegroups.com
On 30/11/2013 00:29, Steven Haddox wrote:
> Sorry, the shell action line should read:
>
> shell: bash < <( curl {{rvm_fw_url}}/releases/rvm-install-latest )
>
> I tried to escape it as a debug measure with no success.
Hi Steven,
> Sorry, the shell action line should read:
>
> shell: bash < <( curl {{rvm_fw_url}}/releases/rvm-install-latest )
>
> I tried to escape it as a debug measure with no success.
Any chance this can be solved by changing 'bash < <( curl
{{rvm_fw_url}}/releases/rvm-install-latest )' to 'curl
{{rvm_fw_url}}/releases/rvm-install-latest | bash' ?
The shell module is a bit tricky sometimes :)
M
--
Michel Blanc
{ :github => "@leucos", :twitter => "@b9m", :gpg => "0X24B35C22" }
Steven Haddox
Nov 29, 2013, 9:03:40 PM11/29/13
to ansible...@googlegroups.com
Michel,
It's definitely not the way old school RVM instructions said it had to be done, but it seems to work on this particular instance just fine!
Thanks!
Lars Hansson
Nov 30, 2013, 2:35:56 AM11/30/13
to ansible...@googlegroups.com
Try:
shell: "bash < <( curl {{rvm_fw_url}}/releases/rvm-install-latest )"
Cheers,
Lars
Lars
Steven Haddox
Nov 30, 2013, 2:40:12 AM11/30/13
to ansible...@googlegroups.com
Lars,
Thanks. I actually tried wrapping it in quotes before posting with no change. Sorry I forgot to mention that.
--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/K2pixPHXlpI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Michael DeHaan
Nov 30, 2013, 8:01:46 AM11/30/13
to ansible...@googlegroups.com
You should probably download a local copy of that install script, review it personally, and save it to a server or in a location you trust. Then deploy that script with the script module, which is native in Ansible.
Package systems like EPEL are at least generally signed, but it's ridiculously easy to see a webserver compromised, for instance, in taking advantage of a bug in wordpress.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
Steven Haddox
Nov 30, 2013, 8:13:45 AM11/30/13
to ansible...@googlegroups.com
Michael,
Thanks! This is incredibly wise advice. The script itself is actually from the first year of RVM's installation process itself. The new installation script they have is considerably too complicated for me to follow and so I've stuck to maintaining the original one on my RVM::FW project.
I actually created and maintain the RVM::FW project (including this script). Rather than duplicating this script and copying it out myself, since others use this on internal production networks already, is there a tutorial or suggestion on how to learn about properly signing this script or securing it more soundly?
I appreciate your help as always. Ansible has already made learning it an extremely wise choice if only to help me improve some of my basic sysadmin habits.
Thanks!
Jerome Wagner
Dec 1, 2013, 1:12:01 PM12/1/13
to ansible...@googlegroups.com
for information on why
shell: bash < <( curl {{rvm_fw_url}}/releases/rvm-install-latest )
did not work when you tried with ansible.
the notation "<(commands)" is called "process substitution" and is a bash extension that does not exist in the bourne shell /bin/sh. It exists in other shells too.
by default, ansible systematically executes commands inside a /bin/sh shell so the <(command) breaks with the message you got.
if you really want to execute it after Michael's warning, it should work with :
shell: bash < <( curl {{rvm_fw_url}}/releases/rvm-install-latest ) executable=/usr/bin/bash
--
Jerome
Reply all
Reply to author
Forward
0 new messages