use lineinfile On 13 September 2014 23:12, Patrick Ansible-ML <[email protected]> wrote: > Hi, > > I'm trying to do two simple things: > - check if a user is present in sshd_config AllowUsers > - if not, add the user to the AllowUsers line > > Sounds simple enough yet my Ansible foo is still lacking severly. The > problem is that the last task is always skipped. > > vars: > > allowusers: > - testuser > - patrick > > tasks: > > - name: Check if build user is in ssh AllowUsers > shell: grep -i -m1 -c {{ item }} /etc/ssh/sshd_config > with_items: allowusers > ignore_errors: True > register: check_allowusers > > - debug: var=check_allowusers > > - name: Add user to AllowUsers > shell: "sed -i 's|^AllowUsers |AllowUsers {{ item }} |' > /etc/ssh/sshd_config" > with_items: check_allowusers.results > when: item.stdout == 0 > > > Here is the output from debug: var=check_allowusers: > > TASK: [builder | debug var=check_allowusers] **** > ok: [test.local] => { > "check_allowusers": { > "changed": true, > "failed": true, > "msg": "One or more items failed.", > "results": [ > { > "changed": true, > "cmd": "grep -i -m1 -c testuser /etc/ssh/sshd_config", > "delta": "0:00:00.005375", > "end": "2014-09-13 20:03:37.564863", > "invocation": { > "module_args": "grep -i -m1 -c testuser > /etc/ssh/sshd_config", > "module_name": "shell" > }, > "item": "testuser", > "rc": 1, > "start": "2014-09-13 20:03:37.559488", > "stderr": "", > "stdout": "0" > }, > { > "changed": true, > "cmd": "grep -i -m1 -c patrick /etc/ssh/sshd_config", > "delta": "0:00:01.005767", > "end": "2014-09-13 20:03:38.671370", > "invocation": { > "module_args": "grep -i -m1 -c patrick > /etc/ssh/sshd_config", > "module_name": "shell" > }, > "item": "patrick", > "rc": 0, > "start": "2014-09-13 20:03:37.665603", > "stderr": "", > "stdout": "1" > } > ] > } > } > > If there isn't a better best practice way to do this then how do I make this > work? > > Thanks, > Patrick > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/5414C151.5030606%40puzzled.xs4all.nl. > For more options, visit https://groups.google.com/d/optout.
-- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAK5eLPSq9ugzq-Nv04SOxPvN%3Ddk8bADj%3DASQ_SfDHBn_ABrbHQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
