Thank you for your reply. I am getting what appears to be a formatting
error. Here is the task from my playbook, and the error it is generating:
-------------------------------------------
tasks:
- getent:
database: group
# Users in the default wheel group are automatically granted sudo privileges
- assert:
that: getent_group.wheel|default(["", "", ""])[2] == ""
msg: "The wheel group contains one or more users!"
-------------------------------------------
task path: /etc/ansible/playbooks/test1.yml:22
fatal: [jon-rhel7]: FAILED! => {
"msg": "The conditional check 'getent_group.wheel|default([\"\", \"\",
\"\"])[2] == \"\"' failed. The error was: template error while templating
string: expected token 'end of statement block', got '['. String: {% if
getent_group.wheel|default([\"\", \"\", \"\"])[2] == \"\" %} True {% else
%} False {% endif %}"
}
On Tuesday, April 2, 2019 at 12:28:14 PM UTC-4, Matt Martz wrote:
>
> You can use the `getent` module to do this. Something like:
>
> - getent:
> database: group
>
> - assert:
> that:
> - getent_group.wheel|default(["", "", ""])[2] == ""
>
> On Tue, Apr 2, 2019 at 11:22 AM Jon Adcock <[email protected]
> <javascript:>> wrote:
>
>> I'm trying to add a task to my security playbook to ensure that there are
>> no members in the default Linux wheel group. This has turned out to be
>> more difficult than I thought it would be.
>>
>> Can someone out there help get me started? (ansible 2.7.9)
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> To post to this group, send email to [email protected]
>> <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/8eb57467-d348-4ca3-a013-9b8b9ac01235%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/ansible-project/8eb57467-d348-4ca3-a013-9b8b9ac01235%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
> --
> Matt Martz
> @sivel
> sivel.net
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/134b6341-8224-4881-94fa-6a7d7a964d07%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
