The stdout in one case is "0" and another is "1" so this seems to be working as designed.
As such, I think this would be the way your system is setup (aka it works correctly) or your grep needs modification. Ansible *appears* to be doing what you want. On Sat, Sep 13, 2014 at 6:19 PM, Patrick Ansible-ML < [email protected]> wrote: > Hi, > > I'm trying to do two simple things: > - check if a user is present in sshd_config AllowUsers > - if not, add the user to the AllowUsers line > > Sounds simple enough yet my Ansible foo is still lacking severly. The > problem is that the last task is always skipped. > > vars: > > allowusers: > - testuser > - patrick > > tasks: > > - name: Check if build user is in ssh AllowUsers > shell: grep -i -m1 -c {{ item }} /etc/ssh/sshd_config > with_items: allowusers > ignore_errors: True > register: check_allowusers > > - debug: var=check_allowusers > > - name: Add user to AllowUsers > shell: "sed -i 's|^AllowUsers |AllowUsers {{ item }} |' > /etc/ssh/sshd_config" > with_items: check_allowusers.results > when: item.stdout == 0 > > > Here is the output from debug: var=check_allowusers: > > TASK: [builder | debug var=check_allowusers] **** > ok: [test.local] => { > "check_allowusers": { > "changed": true, > "failed": true, > "msg": "One or more items failed.", > "results": [ > { > "changed": true, > "cmd": "grep -i -m1 -c testuser /etc/ssh/sshd_config", > "delta": "0:00:00.005375", > "end": "2014-09-13 20:03:37.564863", > "invocation": { > "module_args": "grep -i -m1 -c testuser > /etc/ssh/sshd_config", > "module_name": "shell" > }, > "item": "testuser", > "rc": 1, > "start": "2014-09-13 20:03:37.559488", > "stderr": "", > "stdout": "0" > }, > { > "changed": true, > "cmd": "grep -i -m1 -c patrick /etc/ssh/sshd_config", > "delta": "0:00:01.005767", > "end": "2014-09-13 20:03:38.671370", > "invocation": { > "module_args": "grep -i -m1 -c patrick > /etc/ssh/sshd_config", > "module_name": "shell" > }, > "item": "patrick", > "rc": 0, > "start": "2014-09-13 20:03:37.665603", > "stderr": "", > "stdout": "1" > } > ] > } > } > > If there isn't a better best practice way to do this then how do I make > this work? > > Thanks, > Patrick > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/ansible-project/5414C302.8030703%40puzzled.xs4all.nl. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyjuP0Nr5vy2%2B7iZ0EdYsYJ1rGR1g2xHES9nZaXNUCDMw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
