ansible.builtin.raw module – Executes a low-down and dirty command
Note
This module is part of ansible-core and included in all Ansible
installations. In most cases, you can use the short
module name
raw even without specifying the collections keyword.
However, we recommend you use the Fully Qualified Collection Name (FQCN) ansible.builtin.raw for easy linking to the
module documentation and to avoid conflicting with other collections that may have
the same module name.
Synopsis
Executes a low-down and dirty SSH command, not going through the module subsystem.
This is useful and should only be done in a few cases. A common case is installing
pythonon a system without python installed by default. Another is speaking to any devices such as routers that do not have any Python installed. In any other case, using the ansible.builtin.shell or ansible.builtin.command module is much more appropriate.Arguments given to
raware run directly through the configured remote shell.Standard output, error output and return code are returned when available.
There is no change handler support for this module.
This module does not require python on the remote system, much like the ansible.builtin.script module.
This module is also supported for Windows targets.
If the command returns non UTF-8 data, it must be encoded to avoid issues. One option is to pipe the output through
base64.
Note
This module has a corresponding action plugin.
Parameters
Parameter |
Comments |
|---|---|
Change the shell used to execute the command. Should be an absolute path to the executable. When using privilege escalation ( |
|
The raw module takes a free form command to run. There is no parameter actually named ‘free form’; see the examples! |
Attributes
Attribute |
Support |
Description |
|---|---|---|
Support: none |
Can run in check_mode and return changed status prediction without modifying target, if not supported the action will be skipped. |
|
Support: none |
Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode |
|
Platforms: all This action is one of the few that requires no Python on the remote as it passes the command directly into the connection string |
Target OS/families that can be operated against |
|
Support: full |
Indicates if an action takes a ‘raw’ or ‘free form’ string as an option and has it’s own special parsing of it |
Notes
Note
If using raw from a playbook, you may need to disable fact gathering using
gather_facts: noif you’re usingrawto bootstrap python onto the machine.If you want to execute a command securely and predictably, it may be better to use the ansible.builtin.command or ansible.builtin.shell modules instead.
The
environmentkeyword does not work with raw normally, it requires a shell which means it only works ifexecutableis set or using the module with privilege escalation (become).
See Also
See also
- ansible.builtin.command
Execute commands on targets.
- ansible.builtin.shell
Execute shell commands on targets.
- ansible.windows.win_command
The official documentation on the ansible.windows.win_command module.
- ansible.windows.win_shell
The official documentation on the ansible.windows.win_shell module.
Examples
- name: Bootstrap a host without python2 installed
ansible.builtin.raw: dnf install -y python2 python2-dnf libselinux-python
- name: Run a command that uses non-posix shell-isms (in this example /bin/sh doesn't handle redirection and wildcards together but bash does)
ansible.builtin.raw: cat < /tmp/*txt
args:
executable: /bin/bash
- name: Safely use templated variables. Always use quote filter to avoid injection issues.
ansible.builtin.raw: "{{ package_mgr|quote }} {{ pkg_flags|quote }} install {{ python|quote }}"
- name: List user accounts on a Windows system
ansible.builtin.raw: Get-WmiObject -Class Win32_UserAccount