Thank you, Todd! This works:
*---- hosts: all gather_facts: false become: yes become_user: root
become_method: sudo tasks: - name: Get last yum update which includes
"disablerepo" shell: | HISTFILE=/root/.bash_history
history -n history | tac | grep -m 1 disablerepo register:
out - debug: msg={{ out.stdout }}*
On Thursday, March 21, 2024 at 2:28:54 PM UTC-4 Todd Lewis wrote:
> Your problem isn't anything to do with Ansible. It's a problem is an
> interaction between how history is implemented and privilege escalation
> via become.
>
> To make your task work, you'll need to change your shell script like this:
>
> - name: Get last yum update which includes "disablerepo"
> shell: |
> HISTFILE=/root/.bash_history
> history -n
> history | tac | grep -m 1 disablerepo
> register: out
>
> Normally, HISTFILE isn't set. The docs say it defaults to "~/.bash_history",
> and it sort of does – for a broad enough definition of who "~"
> references. Anyway, in my testing, it's necessary to explicitly set it as
> shown above.
>
> Simply pointing HISTFILE at the right file isn't enough. The shell
> normally reads in the HISTFILE early on, but we're well past that by line
> 2 of the shell script. The "history -n" command reads "*all history lines
> not already read from the history file and append[s] them to the history
> list*". The "history list" is not the same as the history file; it's an
> in-memory construct that the shell manipulates until you close the shell.
> It's then that the history list is written to the file. (Or when you invoke
> "history -a" or "history -w".)
>
> Now that you've got the history loaded, you can do your grep. The failure
> that was being reported before was the result of trying to construct the
> pipe between an uninitialized history list and your grep. A bare history
> command at that spot just does nothing, but as part of a pipeline it would
> fail.
>
> However, you stated you want the last yum update which includes "
> disablerepo". What you would have gotten - had it not been for the
> failure to build a pipeline with an uninitialized history - was the
> *first* command in the history which included "disablerepo". Inserting tac
> in the pipeline reverses the order so your grep will match on the last
> occurrence.
>
> Cheers,
> --
> Todd
>
>
> On 3/21/24 10:00 AM, Dimitri Yioulos wrote:
>
> Good day.
>
> I want tp parse root's history to return the last occurrence of yum update
> that includes the string "disablerepo". I would have thought that this
> would work:
>
>
>
>
>
>
>
>
>
>
>
> *--- - hosts: all gather_facts: false become: yes tasks: - name:
> Get last yum update which includes "disablerepo" shell: 'history |
> grep -m 1 disablerepo' register: out*
>
> but, I get this error:
>
>
>
>
>
>
>
>
>
>
>
>
>
> *fatal: [myhost1]: FAILED! => changed=true ansible_facts:
> discovered_interpreter_python: /usr/bin/python3 cmd: history | grep -m 1
> disablerepo delta: '0:00:00.013135' end: '2024-03-21 09:54:12.391498'
> msg: non-zero return code rc: 1 start: '2024-03-21 09:54:12.378363'
> stderr: '' stderr_lines: <omitted> stdout: '' stdout_lines: <omitted>*
>
> The command "history | grep -m 1 disablerepo" works fine at the command
> line. I've tried every manner of escaping characters and changing the
> command itself, but get errors regardless. How can I get the desired
> results?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/1d4dfd6c-913a-4360-a204-5a1ad6644109n%40googlegroups.com
>
> <https://groups.google.com/d/msgid/ansible-project/1d4dfd6c-913a-4360-a204-5a1ad6644109n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
>
> --
> Todd
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e8eae2e4-240a-4536-8918-bc8549bfee5en%40googlegroups.com.
