5

I am in process of automating installation of sage through ansible-playbook. In that I need to run two shell scripts. Here is how the first shell script look: 

#!/bin/bash
# Creating Sage notebook

dir="/root/.sage/sage_notebook.sagenb"
screen -S "Sage_Server" sage -c 'notebook(interface="", directory=$dir, port=80, accounts=true)'

This is the second shell script's code:

#!/bin/bash
# Creating Sage inotebook

address=$(hostname --ip-address)
sage -c "inotebook(interface=" "'$address'" ",port=80,accounts=true)"

And this is how the playbook looks:

---
- hosts: localhost
  remote_user: root

  tasks:
   - name : update system
     apt : update_cache=yes    

   - name : install m4
     apt : name=m4 state=present

   - name : install build-essential
     apt : name=build-essential state=present 

   - name : install gcc
     apt : name=gcc state=present

   - name : install gfortran
     apt : name=gfortran state=present

   - name : install libssl-dev
     apt : name=libssl-dev state=present

   - name : install python-software-properties
     apt : name=python-software-properties state=present

   - name : add sage ppa repo
     apt_repository: repo='ppa:aims/sagemath'

   - name : update system
     apt : update_cache=yes

   - name : install dvipng
     apt : name=dvipng state=present

   - name : install sage binary
     apt : name=sagemath-upstream-binary state=present

   - name : invoke create_sagenb script
     command: /usr/bin/screen -d -m sudo /root/databases-and-datamining-iiith/python-scripts/create_sagenb -i -y

   - name : invoke start_sage script
     command: /usr/bin/screen -d -m sudo /root/databases-and-datamining-iiith/python-scripts/start_sage -i -y

Now when I run the first script, it asks for a new sage password which could be anything. But I am not able to pass that password from the playbook. Still, if I do

ps -ef | grep sh

I could see that the scripts are running but the sage service is not running. It needs the password in order to start the service.

Could anyone please tell me how can I provide password as an argument to the shell scripts through command.

msw
  • 42,753
  • 9
  • 87
  • 112
apurv
  • 83
  • 1
  • 2
  • 5
  • 4
    The technique used to pass a password to a shell script is the same as the technique used to shoot yourself in the foot. You avoid it. There is no way to do it without introducing a security hole. – William Pursell Aug 28 '15 at 12:54

2 Answers2

2

I don't know sage and don't know how to provide a password in an alternative way, but if the program ask for a password than you can probably use expect as suggested here.

Community
  • 1
  • 1
Alepac
  • 1,833
  • 13
  • 24
2

As a rule of thumb you shouldn't run scripts that needs user input in ansible playbooks.

You could try to use something like

echo "password" | script.sh

or

Create a sage-password file in /etc containing the password and:

script.sh < /etc/sage-password

But this will only work if it is reading from stdin - most applications read password directly from terminal device driver (i.e. /dev/ttyS# ), in that case this trick won't work.

If that's the case, take a look to the sage docs, they should have a more robust way for non-interactive startup.

chicks
  • 2,393
  • 3
  • 24
  • 40
Filipe Felisbino
  • 2,712
  • 25
  • 26
  • echo may or may not work, according to the implementation of the script. for example, it won't work if it launches a tty and ask for password there. `expect` and its variance should be better and more guaranteed choice. – Jason Hu Aug 28 '15 at 13:04