Ansible Module command: Difference between revisions
Jump to navigation
Jump to search
| (45 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
=External= | =External= | ||
* | * https://docs.ansible.com/ansible/latest/collections/ansible/builtin/command_module.html | ||
=Internal= | =Internal= | ||
* [[Ansible_Concepts#command|Ansible Concepts]] | |||
* [[Ansible_Concepts# | |||
* [[Ansible Privilege Escalation]] | * [[Ansible Privilege Escalation]] | ||
=Overview= | =Overview= | ||
The command module takes the command name followed by a list of space-delimited arguments. | The command module takes the command name followed by a list of space-delimited arguments. A command will NOT be interpreted by a shell, so variables like $HOME and operations like "<", ">", "|", ";" and "&" will not work. Use the [[Ansible Module shell|shelll]] module for that. | ||
For a discussion on the interaction between <code>command</code>, <code>cmd</code>, <code>argv</code>, etc. see [[#command.2C_argv_and_cmd|<tt>command</tt>, <tt>argv</tt> and <tt>cmd</tt>]] below. | |||
<syntaxhighlight lang='yaml'> | <syntaxhighlight lang='yaml'> | ||
- name: A command example | - name: A command example | ||
command: some-command arg1 arg2 | command: some-command arg1 arg2 # the command can be specified here, or with 'cmd', or with 'argv' | ||
argv: ... # Passes the command as a list rather than a string | |||
cmd: ... # The command to run | |||
chdir: ... # Change into this directory before running the command | |||
stdin: ... | |||
stdin_add_newline: ... | |||
warn: ... | |||
creates: ... | |||
become: true | become: true | ||
become_user: root | become_user: root | ||
args: | args: | ||
chdir: /somedir/ | chdir: /somedir/ # alternative way of specifying "command" configuration | ||
register: variable_that_contains_results_of_execution | |||
</syntaxhighlight> | |||
<span id='Registering_Variables_as_Results_of_Command_Execution'></span>A [[Ansible_Concepts#Registered_Variables|variable]] that contains the result of the command execution can be set as usual for a task using the task's <code>[[Ansible_Concepts#register|register]]</code> configuration element. After an execution, the variable references a map similar to: | |||
<syntaxhighlight lang="yaml"> | |||
cmd: | |||
- "sh" | |||
- "-l" | |||
- "/tmp" | |||
failed: false | |||
stdout: "lrwxr-xr-x@ 1 root admin 11 Sep 21 2020 /tmp -> private/tmp" | |||
stdout_lines: | |||
- "lrwxr-xr-x@ 1 root admin 11 Sep 21 2020 /tmp -> private/tmp" | |||
stderr: "" | |||
stderr_lines: [] | |||
start: "2021-07-03 23:39:57.499748" | |||
end: "2021-07-03 23:39:57.506848" | |||
changed: false | |||
delta: "0:00:00.007100" | |||
rc: 0 | |||
</syntaxhighlight> | |||
The content of execution stdout and stderr can be accessed with <code>variable_name.stdout</code>, <code>variable_name.stderr</code>, the failure situation with <code>variable_name.failed</code>, etc. | |||
=Playground= | |||
{{External|https://github.com/ovidiuf/playground/blob/master/ansible/modules/command/playbook.yaml}} | |||
=Examples= | |||
<syntaxhighlight lang='yaml'> | |||
- name: Read requested Java version | |||
command: "sh -c \"grep ^JAVA_VERSION {{ansible_env.HOME}}/config.txt | sed -e 's/.*=//'\"" | |||
register: java_version | |||
changed_when: false | |||
</syntaxhighlight> | |||
<span id='task_execution_result'></span>The task execution result can be referred to via a [[Ansible_Concepts#Registered_Variables|variable]] declared with the <code>register:</code> keyword: | |||
<syntaxhighlight lang='yaml'> | |||
- name: Get Homebrew installation directory | |||
command: "sh -c \"brew --prefix\"" | |||
register: brew_prefix_cmd | |||
changed_when: false | |||
</syntaxhighlight> | |||
<span id='Setting_Command_Output_as_a_Fact'></span>The output of the command execution can then be set as a [[Ansible_Concepts#Fact|fact]] with <code>[[Ansible_Module_set_fact#Overview|set_fact]]</code>: | |||
<syntaxhighlight lang='yaml'> | |||
- name: Set a fact | |||
set_fact: | |||
pkg_manager_install_dir: "{{ brew_prefix_cmd.stdout }}" | |||
</syntaxhighlight> | |||
=<tt>command</tt>, <tt>argv</tt> and <tt>cmd</tt>= | |||
The command followed by the space-separated list of arguments can be specified immediately after the <code>command:</code> keyword: | |||
<syntaxhighlight lang='yaml'> | |||
- name: some name | |||
command: ls -l /tmp | |||
</syntaxhighlight> | |||
Alternatively, the command provided as a list with <code>argv</code>. Note that either <code>command</code> or <code>argv</code> can be used, but not both at the same time: | |||
<syntaxhighlight lang='yaml'> | |||
- name: some name | |||
command: | |||
argv: | |||
- ls | |||
- -l | |||
- /tmp | |||
</syntaxhighlight> | |||
The full command can be specified as a string with <code>cmd</code>. Note that either <code>command</code> or <code>cmd</code> can be used, but not both at the same time: | |||
<syntaxhighlight lang='yaml'> | |||
- name: some name | |||
command: | |||
cmd: ls -l /tmp | |||
</syntaxhighlight> | </syntaxhighlight> | ||
=Privilege Escalation= | |||
See: {{Internal|Ansible Privilege Escalation|Ansible Privilege Escalation}} | |||
Latest revision as of 05:26, 5 July 2021
External
Internal
Overview
The command module takes the command name followed by a list of space-delimited arguments. A command will NOT be interpreted by a shell, so variables like $HOME and operations like "<", ">", "|", ";" and "&" will not work. Use the shelll module for that.
For a discussion on the interaction between command, cmd, argv, etc. see command, argv and cmd below.
- name: A command example
command: some-command arg1 arg2 # the command can be specified here, or with 'cmd', or with 'argv'
argv: ... # Passes the command as a list rather than a string
cmd: ... # The command to run
chdir: ... # Change into this directory before running the command
stdin: ...
stdin_add_newline: ...
warn: ...
creates: ...
become: true
become_user: root
args:
chdir: /somedir/ # alternative way of specifying "command" configuration
register: variable_that_contains_results_of_execution
A variable that contains the result of the command execution can be set as usual for a task using the task's register configuration element. After an execution, the variable references a map similar to:
cmd:
- "sh"
- "-l"
- "/tmp"
failed: false
stdout: "lrwxr-xr-x@ 1 root admin 11 Sep 21 2020 /tmp -> private/tmp"
stdout_lines:
- "lrwxr-xr-x@ 1 root admin 11 Sep 21 2020 /tmp -> private/tmp"
stderr: ""
stderr_lines: []
start: "2021-07-03 23:39:57.499748"
end: "2021-07-03 23:39:57.506848"
changed: false
delta: "0:00:00.007100"
rc: 0
The content of execution stdout and stderr can be accessed with variable_name.stdout, variable_name.stderr, the failure situation with variable_name.failed, etc.
Playground
Examples
- name: Read requested Java version
command: "sh -c \"grep ^JAVA_VERSION {{ansible_env.HOME}}/config.txt | sed -e 's/.*=//'\""
register: java_version
changed_when: false
The task execution result can be referred to via a variable declared with the register: keyword:
- name: Get Homebrew installation directory
command: "sh -c \"brew --prefix\""
register: brew_prefix_cmd
changed_when: false
The output of the command execution can then be set as a fact with set_fact:
- name: Set a fact
set_fact:
pkg_manager_install_dir: "{{ brew_prefix_cmd.stdout }}"
command, argv and cmd
The command followed by the space-separated list of arguments can be specified immediately after the command: keyword:
- name: some name
command: ls -l /tmp
Alternatively, the command provided as a list with argv. Note that either command or argv can be used, but not both at the same time:
- name: some name
command:
argv:
- ls
- -l
- /tmp
The full command can be specified as a string with cmd. Note that either command or cmd can be used, but not both at the same time:
- name: some name
command:
cmd: ls -l /tmp
Privilege Escalation
See: