Skip to content

sap_system_facts: Add SID and permission check to facts module#73

Merged
marcelmamula merged 5 commits into
sap-linuxlab:devfrom
marcelmamula:facts_perm
Feb 26, 2026
Merged

sap_system_facts: Add SID and permission check to facts module#73
marcelmamula merged 5 commits into
sap-linuxlab:devfrom
marcelmamula:facts_perm

Conversation

@marcelmamula

@marcelmamula marcelmamula commented Feb 26, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Changes

  • Add permission check for /usr/sap/hostctrl/exe/sapcontrol and module fail if missing. This is important for non-root users
  • Add permission check for HANA and NW folders, which will not fail but skip either SID or Instance
  • Add SID pattern check to ensure we check only correct pattern
  • Add Instance name pattern check to skip folders like SYS, exe, hdbclient

Idea for permission check comes from @zoliton in #70, but it is applied to all folders with better accuracy, not just root folders.

Tests

Tested on BW4HANA system on SLES_SAP 16.0.

User Ansible with no permission to execute sapcontrol

fatal: [b01hana]: FAILED! =>
    changed: false
    msg: 'Permission denied: Ansible user cannot execute /usr/sap/hostctrl/exe/sapcontrol'

User Ansible with no permissions to folders

ok: [b01hana] =>
    __sap_system_facts_output:
        ansible_facts: {}
        changed: false
        failed: false
        msg: No running SAP instances found or Ansible user cannot access them.

User Ansible with access only HANA instance:

ok: [b01hana] =>
    __sap_system_facts_output:
        ansible_facts:
            sap:
            -   InstanceType: HANA
                NR: '90'
                SID: H01
                TYPE: HDB
        changed: false
        failed: false
        msg: SAP System facts were collected.

User root

ok: [b01hana] =>
    __sap_system_facts_output:
        ansible_facts:
            sap:
            -   InstanceType: HANA
                NR: '90'
                SID: H01
                TYPE: HDB
            -   InstanceType: NW
                NR: '00'
                SID: B01
                TYPE: ASCS
            -   InstanceType: NW
                NR: '01'
                SID: B01
                TYPE: PAS
            -   InstanceType: NW
                NR: '11'
                SID: B01
                TYPE: PAS
        changed: false
        failed: false
        msg: SAP System facts were collected.

@marcelmamula marcelmamula self-assigned this Feb 26, 2026
@marcelmamula marcelmamula added the enhancement New feature or request label Feb 26, 2026
@marcelmamula marcelmamula mentioned this pull request Feb 26, 2026
Closed
@marcelmamula

marcelmamula commented Feb 26, 2026

Copy link
Copy Markdown
Contributor Author

Tested and confirmed by #70 (comment)

sean-freeman
sean-freeman approved these changes Feb 26, 2026
View reviewed changes

@sean-freeman sean-freeman left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - good approach and good first contribution from @zoliton

@marcelmamula marcelmamula merged commit 9bf7d41 into sap-linuxlab:dev Feb 26, 2026
29 checks passed
@marcelmamula marcelmamula mentioned this pull request Mar 13, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sean-freeman sean-freeman sean-freeman approved these changes

Assignees

@marcelmamula marcelmamula

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@marcelmamula @sean-freeman