Ah, I didn't fully grasp what that meant. Now I do. All clear. Thanks, Lee.
Any insight on the "on hosts" thing? I suspect that's user error, too, but
I wonder why I can't seem to use that particular flavor of "on".
On Tuesday, March 18, 2014 3:18:51 AM UTC-4, Lee Hambley wrote:
>
> returned = capture("ls /etc/sudoers.d/deploy_permissions 2>&1")
>
> is a String, and thus doesn't have transformations (wrapping it in the
> sudo su ..) applied:
>
> returned = capture(:ls, "/etc/sudoers.d/deploy_permissions 2>&1")
>
>
> Lee Hambley
> --
> http://lee.hambley.name/
> +49 (0) 170 298 5667
>
>
> On 18 March 2014 03:42, Roy Miller <r...@theotherroad.com <javascript:>>wrote:
>
>> Using Cap 3.1.0. I have this in a task I run after a deploy is done:
>>
>> task :'check-dependencies' do
>> on roles(:all) do |host|
>> [...]
>> as :root do
>> puts capture(:whoami)
>> returned = capture("ls /etc/sudoers.d/deploy_permissions 2>&1")
>> end
>> end
>> end
>>
>> That task runs, and the puts statement prints "root" on the console, as
>> one would expect, so it looks like the "as" magic and the capture statement
>> are working fine (same result with 'root' as a string or :root as a
>> symbol). The problem is, the second capture statement fails like so:
>>
>> DEBUG [e8cc068a] Running */usr/bin/env if ! sudo su root -c whoami >
>> /dev/null; then echo "You cannot switch to user 'root' using sudo, please
>> check the sudoers file" 1>&2; false; fi* on [server].com
>> [00:04:13.766] DEBUG [e8cc068a] Command: if ! sudo su root -c whoami >
>> /dev/null; then echo "You cannot switch to user 'root' using sudo, please
>> check the sudoers file" 1>&2; false; fi
>> [00:04:13.832] DEBUG [e8cc068a] Finished in 0.065 seconds with exit status 0
>> (*successful*).
>> [00:04:13.832] DEBUG [068c401a] Running */usr/bin/env whoami* on [server].com
>> [00:04:13.833] DEBUG [068c401a] Command: sudo su root -c "/usr/bin/env
>> whoami"
>> [00:04:13.889] DEBUG [068c401a] root
>> [00:04:13.892] DEBUG [068c401a] Finished in 0.059 seconds with exit status 0
>> (*successful*).
>> [00:04:13.893] root
>> [00:04:13.893] DEBUG [76bb93f0] Running */usr/bin/env ls
>> /etc/sudoers.d/deploy_permissions 2>&1* on [server].com
>> [00:04:13.894] DEBUG [76bb93f0] Command: ls
>> /etc/sudoers.d/deploy_permissions 2>&1
>> [00:04:13.905] DEBUG [76bb93f0] ls:
>> [00:04:13.905] DEBUG [76bb93f0] cannot access
>> /etc/sudoers.d/deploy_permissions
>> [00:04:13.906] DEBUG [76bb93f0] : Permission denied
>>
>>
>>
>> When I SSH into the box, get root, and run the statement, I can see the
>> file (which is indeed owned by root). Am I doing something wrong? I thought
>> any statement inside the "as [blah]" section would execute as the given
>> user. The result of the first capture statement tends to confirm that it's
>> working as expected, but the second capture statement failing is mysterious
>> to me.
>>
>> Incidentally, the "run as a different user" example on the sshkit example
>> page shows this:
>>
>> on hosts do |host|
>>
>> as 'www-data' do
>>
>> puts capture(:whoami)
>> end
>> end
>>
>>
>> But when I try to use the "on hosts do |host|" bit, I get an error like
>> this:
>>
>> [00:04:12.138] ** Invoke diagnostics:check-dependencies
>> (first_time)[00:04:12.138] ** Execute
>> diagnostics:check-dependencies[00:04:12.138] cap aborted![00:04:12.139]
>> undefined local variable or method `hosts' for main:Object
>>
>>
>> So I reverted to use "on roles(:all)". I wonder if I'm not understanding
>> something fundamental. Am I?
>>
>> Roy
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Capistrano" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to capistrano+...@googlegroups.com <javascript:>.
>> To view this discussion on the web, visit
>> https://groups.google.com/d/msgid/capistrano/050e418a-1073-4dd7-b138-0199c3108705%40googlegroups.com<https://groups.google.com/d/msgid/capistrano/050e418a-1073-4dd7-b138-0199c3108705%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
--
You received this message because you are subscribed to the Google Groups
"Capistrano" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to capistrano+unsubscr...@googlegroups.com.
To view this discussion on the web, visit
https://groups.google.com/d/msgid/capistrano/80bda066-764e-4474-82b6-7eff64fb6763%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
