[ansible-project] group module fails when trying to delete non local group

[Andrea Tartaglia]

Hi list,

Sorry for the probably confusing subject, but I don’t really know how to say 
that better, I’ll try to explain better:

In my environment I have a requirement to remove certain local groups ( that 
have now been moved to remote groups ) and found out the behaviour of the 
module is quite strange.

So what happens is:

I try to remove the “support” group, which as said was a local group, and is 
now a remote group managed by LDAP:
- group: name=support state=absent
What I get back from this is an error from groupdel:
groupdel: cannot remove entry 'support' from /etc/group

Which I believe to be wrong as if the group does not exist in /etc/group the 
module should just return OK.

Digging into the module code I found why this is happening ( I’m using ansible 
v1.9 ):

group calls group_exists: 
https://github.com/ansible/ansible-modules-core/blob/stable-1.9/system/group.py#L413
 
<https://github.com/ansible/ansible-modules-core/blob/stable-1.9/system/group.py#L413>

defined here: 
https://github.com/ansible/ansible-modules-core/blob/stable-1.9/system/group.py#L128
 
<https://github.com/ansible/ansible-modules-core/blob/stable-1.9/system/group.py#L128>

grp.getgrnam(’support') will return the remote group data, so group_exists 
returns True, hence the module runs groupdel which in turn fails as it doesn’t 
find the group in /etc/groups.


I have found out that grp.getgrall() only returns with local groups, so I 
worked around that problem this way:
http://fpaste.org/268435/97803144/ <http://fpaste.org/268435/97803144/>

I don’t know if that can be considered a good way of handling that error, and I 
really don’t know if it makes sense to have that added to the upstream module. 
It worked for me so I thought it would be good to share ;)


Thanks,

Andrea

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/502173F8-28DA-4AF5-9648-ABF134BDC0C3%40andreatartaglia.com.
For more options, visit https://groups.google.com/d/optout.

signature.asc
Description: Message signed with OpenPGP using GPGMail