Ah, I didn't fully grasp what that meant. Now I do. All clear. Thanks, Lee.
Any insight on the "on hosts" thing? I suspect that's user error, too, but I wonder why I can't seem to use that particular flavor of "on". On Tuesday, March 18, 2014 3:18:51 AM UTC-4, Lee Hambley wrote: > > returned = capture("ls /etc/sudoers.d/deploy_permissions 2>&1") > > is a String, and thus doesn't have transformations (wrapping it in the > sudo su ..) applied: > > returned = capture(:ls, "/etc/sudoers.d/deploy_permissions 2>&1") > > > Lee Hambley > -- > http://lee.hambley.name/ > +49 (0) 170 298 5667 > > > On 18 March 2014 03:42, Roy Miller <r...@theotherroad.com <javascript:>>wrote: > >> Using Cap 3.1.0. I have this in a task I run after a deploy is done: >> >> task :'check-dependencies' do >> on roles(:all) do |host| >> [...] >> as :root do >> puts capture(:whoami) >> returned = capture("ls /etc/sudoers.d/deploy_permissions 2>&1") >> end >> end >> end >> >> That task runs, and the puts statement prints "root" on the console, as >> one would expect, so it looks like the "as" magic and the capture statement >> are working fine (same result with 'root' as a string or :root as a >> symbol). The problem is, the second capture statement fails like so: >> >> DEBUG [e8cc068a] Running */usr/bin/env if ! sudo su root -c whoami > >> /dev/null; then echo "You cannot switch to user 'root' using sudo, please >> check the sudoers file" 1>&2; false; fi* on [server].com >> [00:04:13.766] DEBUG [e8cc068a] Command: if ! sudo su root -c whoami > >> /dev/null; then echo "You cannot switch to user 'root' using sudo, please >> check the sudoers file" 1>&2; false; fi >> [00:04:13.832] DEBUG [e8cc068a] Finished in 0.065 seconds with exit status 0 >> (*successful*). >> [00:04:13.832] DEBUG [068c401a] Running */usr/bin/env whoami* on [server].com >> [00:04:13.833] DEBUG [068c401a] Command: sudo su root -c "/usr/bin/env >> whoami" >> [00:04:13.889] DEBUG [068c401a] root >> [00:04:13.892] DEBUG [068c401a] Finished in 0.059 seconds with exit status 0 >> (*successful*). >> [00:04:13.893] root >> [00:04:13.893] DEBUG [76bb93f0] Running */usr/bin/env ls >> /etc/sudoers.d/deploy_permissions 2>&1* on [server].com >> [00:04:13.894] DEBUG [76bb93f0] Command: ls >> /etc/sudoers.d/deploy_permissions 2>&1 >> [00:04:13.905] DEBUG [76bb93f0] ls: >> [00:04:13.905] DEBUG [76bb93f0] cannot access >> /etc/sudoers.d/deploy_permissions >> [00:04:13.906] DEBUG [76bb93f0] : Permission denied >> >> >> >> When I SSH into the box, get root, and run the statement, I can see the >> file (which is indeed owned by root). Am I doing something wrong? I thought >> any statement inside the "as [blah]" section would execute as the given >> user. The result of the first capture statement tends to confirm that it's >> working as expected, but the second capture statement failing is mysterious >> to me. >> >> Incidentally, the "run as a different user" example on the sshkit example >> page shows this: >> >> on hosts do |host| >> >> as 'www-data' do >> >> puts capture(:whoami) >> end >> end >> >> >> But when I try to use the "on hosts do |host|" bit, I get an error like >> this: >> >> [00:04:12.138] ** Invoke diagnostics:check-dependencies >> (first_time)[00:04:12.138] ** Execute >> diagnostics:check-dependencies[00:04:12.138] cap aborted![00:04:12.139] >> undefined local variable or method `hosts' for main:Object >> >> >> So I reverted to use "on roles(:all)". I wonder if I'm not understanding >> something fundamental. Am I? >> >> Roy >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Capistrano" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to capistrano+...@googlegroups.com <javascript:>. >> To view this discussion on the web, visit >> https://groups.google.com/d/msgid/capistrano/050e418a-1073-4dd7-b138-0199c3108705%40googlegroups.com<https://groups.google.com/d/msgid/capistrano/050e418a-1073-4dd7-b138-0199c3108705%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Capistrano" group. To unsubscribe from this group and stop receiving emails from it, send an email to capistrano+unsubscr...@googlegroups.com. To view this discussion on the web, visit https://groups.google.com/d/msgid/capistrano/80bda066-764e-4474-82b6-7eff64fb6763%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.