Bug 2215453
| Summary: | Ansible variable override behaves differently with default Remote Execution User role | ||
|---|---|---|---|
| Product: | Red Hat Satellite | Reporter: | Nagoor Shaik <nshaik> |
| Component: | Users & Roles | Assignee: | satellite6-bugs <satellite6-bugs> |
| Status: | NEW --- | QA Contact: | Satellite QE Team <sat-qe-bz-list> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.13.1 | CC: | aruzicka, mhulan, oezr, rlavi |
| Target Milestone: | Unspecified | Keywords: | Triaged |
| Target Release: | Unused | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | Bug | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Description of problem: Ansible variable override behaves differently with default Remote Execution User role when compared with the admin user Version-Release number of selected component (if applicable): Satellite 6.13 How reproducible: 100% Steps to Reproduce: 1. Create a dummy ansible role and import into Satellite # cd /etc/ansible/roles # ansible-galaxy init demo # vi demo/defaults/main.yml --- message: 'Default Value' # vi demo/tasks/main.yml --- - name: Copy file copy: dest: /root/file.txt content: "{{ message }}" 2. Over-ride the ansible variable for a hostname client.example.com to something else Configure > Variables > click on the "message" variable > click on "Override" checkbox > Add matcher > attribute type : FQDN = client.example.com and specify a over-ride value "Override Value" 3. Create a rexuser and associate it with the "Remote Execution User" 4. Now login with the "rexuser" and run the Ansible role, the message value should match with the over-ride, however the value is set to the default value. Actual results: Override behaves differently with default REX role and admin roles Expected results: Why these additional permissions are required when a matcher is set, if its required the default REX User role should be modified accordingly Additional info: When you add additional permission filter as below Ansible Role: "view_ansible_roles" Ansible Variable: "view_ansible_variable" Parameter: "view_params" After adding this the variables are correctly over-ride as per matchers.