Thanks, Tomasz, for the explanation -- wasn't aware that the 'lineinfile' module couldn't accept list input.
Now, my question is: how to take a YAML list (such as the groups list in my vars file), form a string of the format of "group1 group2", and use that in lineinfile? On Tuesday, November 4, 2014 2:54:07 AM UTC-5, Tomasz Kontusz wrote: > > > You are passing a list to lineinfile, and you should either pass in a > string or a dictionary: > > lineinfile: arg1=val1 foo=bar > > Or (IMHO better, as it has less problems with escaping): > > lineinfile: > arg1: 'val1' > foo='bar' > > Willard Dennis <[email protected] <javascript:>> napisał: > >Hi all, > > > >Trying to add a line (or modify if existing) to "sshd_config" to lock > >down > >who can SSH to the target server. On RHEL, there is no "AllowGroups" > >(or > >"AllowUsers") line present in the as-shipped sshd_config file. In any > >case, > >here is the play I wrote: > > > >- name: RHELFAM | Restrict SSH on Docker hosts to specific group > >members > > lineinfile: > > - dest=/etc/ssh/sshd_config > > - state=present > > - regexp='^AllowGroups ' > > - line='AllowGroups {{ ssh_allow_groups }}' > > - validate='/usr/sbin/sshd -t %s' > > when: ssh_allow_groups is defined > > notify: > > - reload sshd > > tags: limitsshusers > > > >Then in roles/<rolename>/vars/main.yml: > > > >--- > >ssh_allow_groups: > > - root > > - wheel > > > > > >But when I run the playbook containing the play above, I'm getting the > >error mssg: > >ERROR: action specified for task RHELFAM | Restrict SSH on Docker hosts > >to > >specific group members has invalid type <type 'list'> > > > >What am I doing wrong? > > > >Thanks, > >Will > > -- > Wysłane za pomocą K-9 Mail. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0323e429-3de9-42bc-98d7-13115b457e8c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
