loitho
March 3, 2020, 7:15pm
1
Hi there,
I’m trying to patch my hosts from the Katello interface, I don’t install the katello agent on them so I’m trying to use Foreman REX.
Problem:
Is there a way to customize REX behavior to use “sudo su” ?
It’s working nicely when I use the Katello Ansible Command, because I modified the /etc/foreman-proxy/ansible.cfg to add :
[privilege_escalation]
But sadly patching machines via the interface can only be done with REX and the Job template Katello SSH … , not with Katello Ansible
Is there a way to modify rex to force it to use “sudo su -” ?
Expected outcome:
Foreman and Proxy versions:
Foreman and Proxy plugin versions:
Distribution and version:
Thanks,
Regards
loitho
March 3, 2020, 7:49pm
2
So apparently I can change from Katello SSH update to Katello Ansible Update, which is nice, by using the “administration => remote_execution_features” and modifying the templates accordingly, sadly the yum update is hanging
loitho
March 4, 2020, 2:37pm
3
Soooo, Turns out the Katello Ansible Default templates for updating packages have a bug where the template is missing the yes flag for yum.
I filled an issue here :
In the mean time if like me you need it working, the fix is quite simple :
%= render_template(‘Run Command - Ansible Default’, :command => “yum update #{input(‘package’)}”) %>
To
<%= render_template(‘Run Command - Ansible Default’, :command => “yum update -y #{input(‘package’)}”) %>
Thanks for the analysis, could you please also open a PR against https://github.com/Katello/katello/tree/master/app/views/foreman/job_templates
I’m happy you figured the template assignment, that’s exactly the purpose
loitho
March 4, 2020, 5:54pm
5
Hi there, sure I’ll do that, on the IRC they told me to also open one here : https://github.com/theforeman/community-templates
I don’t think these templates live in the community-templates repo yet, however if you see missing -y there too in any of them, it should be fixed there as well. Thanks again for your help!
