Anybody? Bueller? Bueller?
On Friday, July 22, 2016 at 1:07:20 AM UTC+12, Ian Dennison wrote:
>
> Am creating a playbook where the password age is set to 0 on userid
> create. The variable "user_created" gets detected as "changed" when a
> deleted userid is already deleted (ie, has "absent" in the item.state), so
> I am trying to work around this by putting a double conditional in the
> "users set passwd age on add" task. However ansible will not let me
> reference the item.state variable in any way, shape or form. I have tried
> "with quotes", "with brackets", "without quotes and with brackets", "with
> quoutes and without brackets".
>
> Question 1: Is the "changed" attribute being set when no user was actually
> removed a bug in the module?
>
> Question 2: What is the syntax for referencing item.state in a
> conditional?
>
>
> # tasks file for user
> ---
> - name: users | add / delete
> user:
> name: "{{ item.name }}"
> comment: "{{ item.comment | default('') }}"
> group: "{{ item.group | default(item.name) }}"
> groups: "{{ item.groups | default([]) | join(',') }}"
> append: "{{ item.append | default(false) }}"
> password: "{{ item.password | default('*') }}"
> update_password: "{{ item.update_password | default('always') }}"
> shell: "{{ item.shell | default('/bin/bash') }}"
> # default('~' + item.name) also seems to work, but is not idempotent
> home: "{{ item.home | default(('/' if item.name == 'root' else
> '/home/') + item.name) }}"
> system: "{{ item.system | default(false) }}"
> state: "{{ item.state | default('present') }}"
> remove: "{{ item.remove | default(false) }}"
> when: item.uid is not defined
> with_items: user_users
> tags:
> - user-users-no-gid
> register: user_created
>
> # Remove when minimal Ansible version >= 1.8
> - name: users | add / delete (with UID)
> user:
> name: "{{ item.name }}"
> uid: "{{ item.uid }}"
> comment: "{{ item.comment | default('') }}"
> group: "{{ item.group | default(item.name) }}"
> groups: "{{ item.groups | default([]) | join(',') }}"
> append: "{{ item.append | default(false) }}"
> password: "{{ item.password | default('*') }}"
> update_password: "{{ item.update_password | default('always') }}"
> shell: "{{ item.shell | default('/bin/bash') }}"
> home: "{{ item.home | default(('/' if item.name == 'root' else
> '/home/') + item.name) }}"
> system: "{{ item.system | default(false) }}"
> state: "{{ item.state | default('present') }}"
> remove: "{{ item.remove | default(false) }}"
> when: item.uid is defined
> with_items: user_users
> tags:
> - user-users-gid
> register: user_created
>
> # Extra step to set password age
> - name: users set passwd age on add
> shell: chage -d 0 {{ item.name }}
> when: "{{ item.state }}" == "present" and user_create.changed
> with_items: user_users
> ignore_errors: yes
>
> Error received:
> fatal: [iantest2]: FAILED! => {"failed": true, "reason": "Syntax Error
> while loading YAML.\n\n\nThe error appears to have been in
> '/home/ind01/chorus-BAU/roles/user/tasks/users.yml': line 49, column 28,
> but may\nbe elsewhere in the file depending on the exact syntax
> problem.\n\nThe offending line appears to be:\n\n shell: chage -d 0 {{
> item.name }}\n when: \"{{ item.state }}\" == \"present\" and
> user_created.changed\n ^ here\nWe could be wrong,
> but this one looks like it might be an issue with\nmissing quotes. Always
> quote template expression brackets when they\nstart a value. For
> instance:\n\n with_items:\n - {{ foo }}\n\nShould be written
> as:\n\n with_items:\n - \"{{ foo }}\"\n"}
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/6c7881df-24de-435e-8753-4747933cce8f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
