-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
6.13.1
-
0
-
False
-
-
False
-
CLOSED
-
900
-
Endeavour
-
-
-
Sat_docs_3_2024, Sat_docs_4_2024, Sat_docs_5_2024
-
Moderate
Description of problem:
Ansible variable override behaves differently with default Remote Execution User role when compared with the admin user
Version-Release number of selected component (if applicable):
Satellite 6.13
How reproducible:
100%
Steps to Reproduce:
1. Create a dummy ansible role and import into Satellite
- cd /etc/ansible/roles
- ansible-galaxy init demo
- vi demo/defaults/main.yml
—
message: 'Default Value'
- vi demo/tasks/main.yml
—
- name: Copy file
copy:
dest: /root/file.txt
content: "{{ message }}"
2. Over-ride the ansible variable for a hostname client.example.com to something else
Configure > Variables > click on the "message" variable > click on "Override" checkbox > Add matcher > attribute type : FQDN = client.example.com and specify a over-ride value "Override Value"
3. Create a rexuser and associate it with the "Remote Execution User"
4. Now login with the "rexuser" and run the Ansible role, the message value should match with the over-ride, however the value is set to the default value.
Actual results:
Override behaves differently with default REX role and admin roles
Expected results:
Why these additional permissions are required when a matcher is set, if its required the default REX User role should be modified accordingly
Additional info:
When you add additional permission filter as below
Ansible Role: "view_ansible_roles"
Ansible Variable: "view_ansible_variable"
Parameter: "view_params"
After adding this the variables are correctly over-ride as per matchers.
- external trackers