Ansible shell command adding backslash
742 views
Skip to first unread message
Mark T.
Apr 1, 2020, 1:14:36 PM4/1/20
to Ansible Project
Hello,
- name: Determining Source Account DB Password
shell: cat wp-config.php | grep DB_PASSWORD | awk -F"['']" '{print $4}'
register: wp_dbpw_source
shell: cat wp-config.php | grep DB_PASSWORD | awk -F"['']" '{print $4}'
register: wp_dbpw_source
If the password contains a backslash, the output doubles the number of backslashes.
abc\*# becomes abc\\*#
I'm aware extra escape characters are only for display purposes, and not actually sent to the command.
But the distorted password output prevents the script from accessing the database. When I remove the backslash from the password, the script works again.
Is there a way to output a shell command using grep, cat or awk that doesn't cause this distortion?
Thanks,
Mark T.
Dick Visser
Apr 1, 2020, 1:54:03 PM4/1/20
to ansible...@googlegroups.com
As much as I like them I would recommend against grep/cat/awk in this
case as it makes things very fragile.
Instead try to use something that PHP and ansible can both use - such as JSON.
For example my WordPress has:
define('DB_PASSWORD',
'(U>Trob!t]J=-APTjNr[b9()yL#-95r8[3s4MpM~S0dI=`Pb7td9$):M{kENu|i323');
This playbook then gets that password:
tasks:
- name: JSON encode constants
command: php -r 'require_once("wp-config.php");
echo json_encode(get_defined_constants(true)["user"]);'
register: php_out
- set_fact:
php_constants: "{{ php_out.stdout | from_json }}"
- debug: var=php_constants.DB_PASSWORD
TASK [debug] ***************************************************************************************************************************************
ok: [wp] =>
php_constants.DB_PASSWORD:
(U>Trob!t]J=-APTjNr[b9()yL#-95r8[3s4MpM~S0dI=`Pb7td9$):M{kENu|i323
DIck
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/acbd9abb-8f6d-4847-8d46-7d87fa1d15b6%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
case as it makes things very fragile.
Instead try to use something that PHP and ansible can both use - such as JSON.
For example my WordPress has:
define('DB_PASSWORD',
'(U>Trob!t]J=-APTjNr[b9()yL#-95r8[3s4MpM~S0dI=`Pb7td9$):M{kENu|i323');
This playbook then gets that password:
tasks:
- name: JSON encode constants
command: php -r 'require_once("wp-config.php");
echo json_encode(get_defined_constants(true)["user"]);'
register: php_out
- set_fact:
php_constants: "{{ php_out.stdout | from_json }}"
- debug: var=php_constants.DB_PASSWORD
TASK [debug] ***************************************************************************************************************************************
ok: [wp] =>
php_constants.DB_PASSWORD:
(U>Trob!t]J=-APTjNr[b9()yL#-95r8[3s4MpM~S0dI=`Pb7td9$):M{kENu|i323
DIck
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/acbd9abb-8f6d-4847-8d46-7d87fa1d15b6%40googlegroups.com.
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
Dick Visser
Apr 1, 2020, 2:17:22 PM4/1/20
to ansible...@googlegroups.com
Obviously this method gets you all the other constants as welll
Sent from a mobile device - please excuse the brevity, spelling and punctuation.
Mark T.
May 14, 2020, 3:38:36 PM5/14/20
to Ansible Project
Hello,
Thanks for the feedback. Your code works with all special characters that I've used, but I run into a problem when there are two backslashes (\\) side-by-side in a password.
Is there any way to fix this?
Regards,
Mark
Dick Visser
May 14, 2020, 5:26:49 PM5/14/20
to ansible...@googlegroups.com
Do you mean the actual password has two, or the escaped string had two (meaning the password has one)?
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/77081a97-1bcd-45b9-a506-a36e9417d689%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages