Yeah you will have to do "item.something" to not get the full hash result, like item.rc or item.stdout or item.cmd, as appropriate...
On Sun, Sep 14, 2014 at 10:30 AM, Patrick Ansible-ML < [email protected]> wrote: > Hi Michael, > > Thank you for your feedback. > > On 14-09-14 15:38, Michael DeHaan wrote: > >> The stdout in one case is "0" and another is "1" so this seems to be >> working as designed. >> >> As such, I think this would be the way your system is setup (aka it >> works correctly) or your grep needs modification. >> >> Ansible *appears* to be doing what you want. >> > > Tried more stuff and got a useful error. It appears that Ansible does not > pass in the *name* from the 'allowuser' list as item in the sed command but > instead throws in *all* the 'results' text: > > "cmd": "sed -i 's|^AllowUsers |AllowUsers {u'changed': True, ... > > Obviously that will make sed fail. So what do I need to change to make it > use just the name from the 'allowuser' list? > > > Full error: > > TASK: [builder | builder | Add user to AllowUsers] > **************************** > failed: [test.nl] => (item={u'stdout': u'0', u'changed': True, u'end': > u'2014-09-14 16:07:04.437150', 'item': u'testuser', u'cmd': u'grep -i -c > testuser /etc/ssh/sshd_config', u'rc': 1, u'start': u'2014-09-14 > 16:07:04.433035', u'stderr': u'', u'delta': u'0:00:00.004115', > 'invocation': {'module_name': u'shell', 'module_args': u'grep -i -c > testuser /etc/ssh/sshd_config'}}) => {"changed": true, "cmd": "sed -i > 's|^AllowUsers |AllowUsers {u'changed': True, u'end': u'2014-09-14 > 16:07:04.437150', u'stdout': u'0', u'cmd': u'grep -i -c testuser > /etc/ssh/sshd_config', 'item': u'testuser', u'delta': u'0:00:00.004115', > u'stderr': u'', u'rc': 1, 'invocation': {'module_name': u'shell', > 'module_args': u'grep -i -c testuser /etc/ssh/sshd_config'}, u'start': > u'2014-09-14 16:07:04.433035'} |' /etc/ssh/sshd_config", "delta": > "0:00:00.005010", "end": "2014-09-14 16:07:04.567878", "item": {"changed": > true, "cmd": "grep -i -c testuser /etc/ssh/sshd_config", "delta": > "0:00:00.004115", "end": "2014-09-14 16:07:04.437150", "invocation": > {"module_args": "grep -i -c testuser /etc/ssh/sshd_config", "module_name": > "shell"}, "item": "testuser", "rc": 1, "start": "2014-09-14 > 16:07:04.433035", "stderr": "", "stdout": "0"}, "rc": 1, "start": > "2014-09-14 16:07:04.562868"} > stderr: sed: -e expression #1, char 60: unterminated `s' command > > FATAL: all hosts have already failed -- aborting > > > Thanks, > Patrick > > >> >> >> On Sat, Sep 13, 2014 at 6:19 PM, Patrick Ansible-ML >> <[email protected] <mailto:[email protected]>> wrote: >> >> Hi, >> >> I'm trying to do two simple things: >> - check if a user is present in sshd_config AllowUsers >> - if not, add the user to the AllowUsers line >> >> Sounds simple enough yet my Ansible foo is still lacking severly. >> The problem is that the last task is always skipped. >> >> vars: >> >> allowusers: >> - testuser >> - patrick >> >> tasks: >> >> - name: Check if build user is in ssh AllowUsers >> shell: grep -i -m1 -c {{ item }} /etc/ssh/sshd_config >> with_items: allowusers >> ignore_errors: True >> register: check_allowusers >> >> - debug: var=check_allowusers >> >> - name: Add user to AllowUsers >> shell: "sed -i 's|^AllowUsers |AllowUsers {{ item }} |' >> /etc/ssh/sshd_config" >> with_items: check_allowusers.results >> when: item.stdout == 0 >> >> >> Here is the output from debug: var=check_allowusers: >> >> TASK: [builder | debug var=check_allowusers] **** >> ok: [test.local] => { >> "check_allowusers": { >> "changed": true, >> "failed": true, >> "msg": "One or more items failed.", >> "results": [ >> { >> "changed": true, >> "cmd": "grep -i -m1 -c testuser >> /etc/ssh/sshd_config", >> "delta": "0:00:00.005375", >> "end": "2014-09-13 20:03:37.564863", >> "invocation": { >> "module_args": "grep -i -m1 -c testuser >> /etc/ssh/sshd_config", >> "module_name": "shell" >> }, >> "item": "testuser", >> "rc": 1, >> "start": "2014-09-13 20:03:37.559488", >> "stderr": "", >> "stdout": "0" >> }, >> { >> "changed": true, >> "cmd": "grep -i -m1 -c patrick /etc/ssh/sshd_config", >> "delta": "0:00:01.005767", >> "end": "2014-09-13 20:03:38.671370", >> "invocation": { >> "module_args": "grep -i -m1 -c patrick >> /etc/ssh/sshd_config", >> "module_name": "shell" >> }, >> "item": "patrick", >> "rc": 0, >> "start": "2014-09-13 20:03:37.665603", >> "stderr": "", >> "stdout": "1" >> } >> ] >> } >> } >> >> If there isn't a better best practice way to do this then how do I >> make this work? >> >> Thanks, >> Patrick >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, >> send an email to ansible-project+unsubscribe@__googlegroups.com >> <mailto:ansible-project%[email protected]>. >> To post to this group, send email to >> ansible-project@googlegroups.__com >> <mailto:[email protected]>. >> To view this discussion on the web visit >> https://groups.google.com/d/__msgid/ansible-project/__ >> 5414C302.8030703%40puzzled.__xs4all.nl >> <https://groups.google.com/d/msgid/ansible-project/ >> 5414C302.8030703%40puzzled.xs4all.nl>. >> For more options, visit https://groups.google.com/d/__optout >> <https://groups.google.com/d/optout>. >> >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send >> an email to [email protected] >> <mailto:[email protected]>. >> To post to this group, send email to [email protected] >> <mailto:[email protected]>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyjuP0Nr5vy2% >> 2B7iZ0EdYsYJ1rGR1g2xHES9nZaXNUCDMw%40mail.gmail.com >> <https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyjuP0Nr5vy2% >> 2B7iZ0EdYsYJ1rGR1g2xHES9nZaXNUCDMw%40mail.gmail.com?utm_ >> medium=email&utm_source=footer>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/ansible-project/5415A66B.20305%40puzzled.xs4all.nl. > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzz15sTtS8KHv7KnTUKkrkQomw0d5E_qrjw33--vQSqhA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
