Thank you, Todd! This works:
*---- hosts: all gather_facts: false become: yes become_user: root
become_method: sudo tasks: - name: Get last yum update which includes
"disablerepo" shell: | HISTFILE=/root/.bash_history
history -n history | tac | grep -m 1 disablerepo register:
out - debug: msg={{ out.stdout }}*
On Thursday, March 21, 2024 at 2:28:54 PM UTC-4 Todd Lewis wrote:
> Your problem isn't anything to do with Ansible. It's a problem is an
> interaction between how history is implemented and privilege escalation
> via become.
>
> To make your task work, you'll need to change your shell script like this:
>
> - name: Get last yum update which includes "disablerepo"
> shell: |
> HISTFILE=/root/.bash_history
> history -n
> history | tac | grep -m 1 disablerepo
> register: out
>
> Normally, HISTFILE isn't set. The docs say it defaults to "~/.bash_history",
> and it sort of does – for a broad enough definition of who "~"
> references. Anyway, in my testing, it's necessary to explicitly set it as
> shown above.
>
> Simply pointing HISTFILE at the right file isn't enough. The shell
> normally reads in the HISTFILE early on, but we're well past that by line
> 2 of the shell script. The "history -n" command reads "*all history lines
> not already read from the history file and append[s] them to the history
> list*". The "history list" is not the same as the history file; it's an
> in-memory construct that the shell manipulates until you close the shell.
> It's then that the history list is written to the file. (Or when you invoke
> "history -a" or "history -w".)
>
> Now that you've got the history loaded, you can do your grep. The failure
> that was being reported before was the result of trying to construct the
> pipe between an uninitialized history list and your grep. A bare history
> command at that spot just does nothing, but as part of a pipeline it would
> fail.
>
> However, you stated you want the last yum update which includes "
> disablerepo". What you would have gotten - had it not been for the
> failure to build a pipeline with an uninitialized history - was the
> *first* command in the history which included "disablerepo". Inserting tac
> in the pipeline reverses the order so your grep will match on the last
> occurrence.
>
> Cheers,
> --
> Todd
>
>
> On 3/21/24 10:00 AM, Dimitri Yioulos wrote:
>
> Good day.
>
> I want tp parse root's history to return the last occurrence of yum update
> that includes the string "disablerepo". I would have thought that this
> would work:
>
>
>
>
>
>
>
>
>
>
>
> *--- - hosts: all gather_facts: false become: yes tasks: - name:
> Get last yum update which includes "disablerepo" shell: 'history |
> grep -m 1 disablerepo' register: out*
>
> but, I get this error:
>
>
>
>
>
>
>
>
>
>
>
>
>
> *fatal: [myhost1]: FAILED! => changed=true ansible_facts:
> discovered_interpreter_python: /usr/bin/python3 cmd: history | grep -m 1
> disablerepo delta: '0:00:00.013135' end: '2024-03-21 09:54:12.391498'
> msg: non-zero return code rc: 1 start: '2024-03-21 09:54:12.378363'
> stderr: '' stderr_lines: <omitted> stdout: '' stdout_lines: <omitted>*
>
> The command "history | grep -m 1 disablerepo" works fine at the command
> line. I've tried every manner of escaping characters and changing the
> command itself, but get errors regardless. How can I get the desired
> results?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/1d4dfd6c-913a-4360-a204-5a1ad6644109n%40googlegroups.com
>
> <https://groups.google.com/d/msgid/ansible-project/1d4dfd6c-913a-4360-a204-5a1ad6644109n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
>
> --
> Todd
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e8eae2e4-240a-4536-8918-bc8549bfee5en%40googlegroups.com.
