I am creating a playbook where the password age is set to 0 on userid create. 
The variable "user_created" gets detected as "changed" when a deleted 
userid is already deleted (i.e., has "absent" in the item.state), so I am 
trying to work around this by putting a double conditional in the "users 
set passwd age on add" task. However, Ansible will not let me reference the 
item.state variable in any way, shape or form. I have tried "with quotes", 
"with brackets", "without quotes and with brackets", "with quotes and 
without brackets".

Question 1: Is the "changed" attribute being set when no user was actually 
removed a bug in the module?

Question 2: What is the syntax for referencing item.state in a conditional? 


# tasks file for user
---
- name: users | add / delete
  user:
    name: "{{ item.name }}"
    comment: "{{ item.comment | default('') }}"
    group: "{{ item.group | default(item.name) }}"
    groups: "{{ item.groups | default([]) | join(',') }}"
    append: "{{ item.append | default(false) }}"
    password: "{{ item.password | default('*') }}"
    update_password: "{{ item.update_password | default('always') }}"
    shell: "{{ item.shell | default('/bin/bash') }}"
    # default('~' + item.name) also seems to work, but is not idempotent
    home: "{{ item.home | default(('/' if item.name == 'root' else '/home/') + item.name) }}"
    system: "{{ item.system | default(false) }}"
    state: "{{ item.state | default('present') }}"
    remove: "{{ item.remove | default(false) }}"
  when: item.uid is not defined
  with_items: user_users
  tags:
    - user-users-no-gid
  register: user_created

# Remove when minimal Ansible version >= 1.8
- name: users | add / delete (with UID)
  user:
    name: "{{ item.name }}"
    uid: "{{ item.uid }}"
    comment: "{{ item.comment | default('') }}"
    group: "{{ item.group | default(item.name) }}"
    groups: "{{ item.groups | default([]) | join(',') }}"
    append: "{{ item.append | default(false) }}"
    password: "{{ item.password | default('*') }}"
    update_password: "{{ item.update_password | default('always') }}"
    shell: "{{ item.shell | default('/bin/bash') }}"
    home: "{{ item.home | default(('/' if item.name == 'root' else '/home/') + item.name) }}"
    system: "{{ item.system | default(false) }}"
    state: "{{ item.state | default('present') }}"
    remove: "{{ item.remove | default(false) }}"
  when: item.uid is defined
  with_items: user_users
  tags:
    - user-users-gid
  register: user_created

# Extra step to set password age
- name: users set passwd age on add
  shell: chage -d 0 {{ item.name }}
  when: "{{ item.state }}" == "present" and user_created.changed
  with_items: user_users
  ignore_errors: yes

Error received: 
fatal: [iantest2]: FAILED! => {"failed": true, "reason": "Syntax Error 
while loading YAML.\n\n\nThe error appears to have been in 
'/home/ind01/chorus-BAU/roles/user/tasks/users.yml': line 49, column 28, 
but may\nbe elsewhere in the file depending on the exact syntax 
problem.\n\nThe offending line appears to be:\n\n  shell: chage -d 0 {{ 
item.name }}\n  when: \"{{ item.state }}\" == \"present\" and 
user_created.changed\n                           ^ here\nWe could be wrong, 
but this one looks like it might be an issue with\nmissing quotes.  Always 
quote template expression brackets when they\nstart a value. For 
instance:\n\n    with_items:\n      - {{ foo }}\n\nShould be written 
as:\n\n    with_items:\n      - \"{{ foo }}\"\n"}


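One way to write the password-age step so the condition is evaluated per user, as an added example that is not part of the original post: a `when:` value is already a Jinja2 expression, so `item.state` is written bare without `{{ }}`, and a result registered on a loop keeps per-item results under `.results` while its top-level `.changed` is true if any item changed. It assumes the same `user_users` list and merges the two user tasks with `default(omit)`; the remaining user options are left out for brevity.

```yaml
# Added example, not the poster's playbook. Assumes the user_users list
# from the post; only the options relevant to the question are shown.
- name: users | add / delete
  user:
    name: "{{ item.name }}"
    # omit drops the parameter when no uid is given, so one task covers
    # both cases and the register below is not overwritten by a second task
    uid: "{{ item.uid | default(omit) }}"
    state: "{{ item.state | default('present') }}"
    remove: "{{ item.remove | default(false) }}"
  with_items: "{{ user_users }}"
  register: user_created

# user_created.changed is the aggregate over the whole loop.
# user_created.results holds one entry per user, each with its own
# .changed flag and the original loop item under .item.
- name: users | set passwd age on add
  # command instead of shell: the user name is not passed through a shell
  command: chage -d 0 {{ item.item.name }}
  # when: is already a Jinja2 expression, so no "{{ }}" around variables.
  # Note: .changed is also true when an existing account was modified,
  # not only when it was created.
  when: item.item.state | default('present') == 'present' and item.changed
  with_items: "{{ user_created.results }}"
```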