psexec: new module to run commands on a remote Windows host without WinRM #36723
Conversation
|
The test |
jborean93
changed the title
jborean93
changed the title
|
A few little docs suggestions, a couple things to consider on arg naming/UX, and you could probably cut way back on the exception handling code, but overall looks nice and simple (on top of the horribly complex library you've built elsewhere ;) ) |
lib/ansible/modules/commands/psexec.py
Outdated
| description: | ||
| - Will run the command as a detached process and the module returns | ||
| immediately after starting the processs while the process continues to | ||
| run the background. |
nitzmahone
Apr 19, 2018
Member
s/run the/run in the/
s/run the/run in the/
lib/ansible/modules/commands/psexec.py
Outdated
| - This requires the SMB 3 protocol which is only supported from Windows | ||
| Server 2012 or Windows 8, older versions like Windows 7 or Windows Server | ||
| 2008 (R2) must set this to C(no) and use no encryption. | ||
| - When setting to C(no), the packets are in plaintext and can be seend by |
nitzmahone
Apr 19, 2018
Member
s/seend/seen/
s/seend/seen/
lib/ansible/modules/commands/psexec.py
Outdated
| - pypsexec | ||
| - smbprotocol[kerberos] for Kerberos authentication | ||
| notes: | ||
| - This module requires the Windows host to have SMB setup and the port 445 |
nitzmahone
Apr 19, 2018
Member
s/setup and the port/configured and enabled, and port/
s/setup and the port/configured and enabled, and port/
lib/ansible/modules/commands/psexec.py
Outdated
| connection_timeout=dict(type='int', default=60), | ||
| executable=dict(type='str', required=True), | ||
| arguments=dict(type='str'), | ||
| working_directory=dict(type='str', default='C:\\Windows\\System32'), |
nitzmahone
Apr 19, 2018
Member
r'C:\Windows\System32'
r'C:\Windows\System32'
lib/ansible/modules/commands/psexec.py
Outdated
| - This can be set to run the process under an Interactive logon of the | ||
| specified account which bypasses limitations of a Network logon used when | ||
| this isn't specified. | ||
| - If ommited then the process is run under the same account as |
nitzmahone
Apr 19, 2018
Member
s/ommited/omitted/
s/ommited/omitted/
lib/ansible/modules/commands/psexec.py
Outdated
| priority=dict(type='str', default='normal', | ||
| choices=['above_normal', 'below_normal', 'high', | ||
| 'idle', 'normal', 'realtime']), | ||
| show_ui_on_win_logon=dict(type='bool', default=False), |
nitzmahone
Apr 19, 2018
Member
Feels like this could use a better name, but I'm not sure what... show_ui_on_secure_desktop? show_ui_on_logon_screen?
Feels like this could use a better name, but I'm not sure what... show_ui_on_secure_desktop? show_ui_on_logon_screen?
jborean93
Apr 23, 2018
Author
Contributor
I think I like show_ui_on_logon_screen, people would understand it better.
I think I like show_ui_on_logon_screen, people would understand it better.
lib/ansible/modules/commands/psexec.py
Outdated
| priority=priority, show_ui_on_win_logon=show_ui_on_win_logon, | ||
| timeout_seconds=process_timeout, stdin=b_stdin | ||
| ) | ||
| if not module.check_mode: |
nitzmahone
Apr 19, 2018
Member
should be superfluous unless you want to add a different command for check_mode support (since supports_check_mode is false)
should be superfluous unless you want to add a different command for check_mode support (since supports_check_mode is false)
jborean93
Apr 20, 2018
Author
Contributor
Thanks for the pickup, was leftovers from the original code I had.
Thanks for the pickup, was leftovers from the original code I had.
lib/ansible/modules/commands/psexec.py
Outdated
| if not module.check_mode: | ||
| try: | ||
| win_client.create_service() | ||
| except PDUException as exc: |
nitzmahone
Apr 19, 2018
Member
Since the error handling is effectively the same beyond slight tweaks to the messaging, you could collapse all this with
except (SCMRException,PDUException,PypsexecException,SMBException) as exc:
...
Since the error handling is effectively the same beyond slight tweaks to the messaging, you could collapse all this with
except (SCMRException,PDUException,PypsexecException,SMBException) as exc:
...
lib/ansible/modules/commands/psexec.py
Outdated
| try: | ||
| proc_result = win_client.run_executable(**run_args) | ||
| except PAExecException as exc: | ||
| module.fail_json(msg='Received error when running remote process: ' |
nitzmahone
Apr 19, 2018
Member
same here with the collapse
same here with the collapse
lib/ansible/modules/commands/psexec.py
Outdated
| # close the SMB connection | ||
| try: | ||
| win_client.disconnect() | ||
| except SMBResponseException as exc: |
nitzmahone
Apr 19, 2018
Member
Same here with exception handling collapse. You could use something like type(exc).__name__ in the string if you don't want the whole stacktrace but still want to know what it was- I'm guessing that's not useful info to an end user, but might be for troubleshooting.
Same here with exception handling collapse. You could use something like type(exc).__name__ in the string if you don't want the whole stacktrace but still want to know what it was- I'm guessing that's not useful info to an end user, but might be for troubleshooting.
…inRM
…tem account
oolongbrothers
pushed a commit
to oolongbrothers/ansible
that referenced
this pull request
May 12, 2018
…inRM (ansible#36723) * psexec: new module to run commands on a remote Windows host without WinRM * fix up sanity issue, create test firewall rule for SMB traffic * Fixed up yaml linting issues, trying to fix on the fly firewall rule * Added SMB exception to catch when cleaning up PAExec exe * Don't load profile for Azure hosts when becoming another user * Fixed up example to use correct option * Reworded notes section of module docs * Simplified module options around process integrity levels and the system account
oolongbrothers
pushed a commit
to oolongbrothers/ansible
that referenced
this pull request
May 14, 2018
…inRM (ansible#36723) * psexec: new module to run commands on a remote Windows host without WinRM * fix up sanity issue, create test firewall rule for SMB traffic * Fixed up yaml linting issues, trying to fix on the fly firewall rule * Added SMB exception to catch when cleaning up PAExec exe * Don't load profile for Azure hosts when becoming another user * Fixed up example to use correct option * Reworded notes section of module docs * Simplified module options around process integrity levels and the system account
oolongbrothers
pushed a commit
to oolongbrothers/ansible
that referenced
this pull request
May 14, 2018
…inRM (ansible#36723) * psexec: new module to run commands on a remote Windows host without WinRM * fix up sanity issue, create test firewall rule for SMB traffic * Fixed up yaml linting issues, trying to fix on the fly firewall rule * Added SMB exception to catch when cleaning up PAExec exe * Don't load profile for Azure hosts when becoming another user * Fixed up example to use correct option * Reworded notes section of module docs * Simplified module options around process integrity levels and the system account
oolongbrothers
pushed a commit
to oolongbrothers/ansible
that referenced
this pull request
May 15, 2018
…inRM (ansible#36723) * psexec: new module to run commands on a remote Windows host without WinRM * fix up sanity issue, create test firewall rule for SMB traffic * Fixed up yaml linting issues, trying to fix on the fly firewall rule * Added SMB exception to catch when cleaning up PAExec exe * Don't load profile for Azure hosts when becoming another user * Fixed up example to use correct option * Reworded notes section of module docs * Simplified module options around process integrity levels and the system account
oolongbrothers
pushed a commit
to oolongbrothers/ansible
that referenced
this pull request
May 15, 2018
…inRM (ansible#36723) * psexec: new module to run commands on a remote Windows host without WinRM * fix up sanity issue, create test firewall rule for SMB traffic * Fixed up yaml linting issues, trying to fix on the fly firewall rule * Added SMB exception to catch when cleaning up PAExec exe * Don't load profile for Azure hosts when becoming another user * Fixed up example to use correct option * Reworded notes section of module docs * Simplified module options around process integrity levels and the system account
ilicmilan
added a commit
to ilicmilan/ansible
that referenced
this pull request
Nov 7, 2018
…inRM (ansible#36723) * psexec: new module to run commands on a remote Windows host without WinRM * fix up sanity issue, create test firewall rule for SMB traffic * Fixed up yaml linting issues, trying to fix on the fly firewall rule * Added SMB exception to catch when cleaning up PAExec exe * Don't load profile for Azure hosts when becoming another user * Fixed up example to use correct option * Reworded notes section of module docs * Simplified module options around process integrity levels and the system account
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
SUMMARY
This is a new module that allows users to run a command on a remote Windows host without the requirement of WinRM. It can be used to run once off commands for a Windows host or even to bootstrap the WinRM listener so you can use the Ansible
winrmconnection plugin.ISSUE TYPE
COMPONENT NAME
psexec
ANSIBLE VERSION