This almost works but I cant make it skip when the grep root
/etc/password fails. I dont understand how to access out.rc when using a
loop. My when statement doesnt work. I am not as interested in this task
as I am pulling rc from a loop then using it in the next loop.
---
- hosts: all
gather_facts: no
become: yes
vars:
check_users:
- root
- admin
- oracle
tasks:
- name: check user exists
shell: grep {{ item }} /etc/passwd
failed_when: False
register: out
with_items: "{{ check_users }}"
- name: check if existing user is in sudoers
command: grep {{ item }} /etc/sudoers
failed_when: False
# when: item.1.rc == 0
register: check_sudoers
with_items: "{{ check_users }}"
- debug:
var: check_sudoers
On Wed, May 20, 2020 at 6:02 PM Dick Visser <[email protected]> wrote:
>
>
> On Wed, 20 May 2020 at 21:58, Jerry Jerry <[email protected]> wrote:
>
>> My bigger question is how to run a loop with with_items then process the
>> output in the second play.
>>
>> The objective is to see if user1, user2, user3 exist locally make sure
>> they have sudo rights.
>>
>
> See
> https://docs.ansible.com/ansible/latest/modules/user_module.html
>
>
>
>
>> when my play tries to process out.results.item:
>>
>> - name: check if existing user is in sudoers
>> command: grep {{ item }} /etc/sudoers
>> with_items: "{{ out.results.item }}"
>> register: message
>>
>> TASK [check if existing user is in sudoers]
>> ****************************************************************************************************************************************************************
>> fatal: [hostname]: FAILED! => {"msg": "'list object' has no attribute
>> 'item'"}
>> to retry, use: --limit @/opt/rhel-ansible/check_sudo_users.retry
>>
>> On Wednesday, May 20, 2020 at 3:49:30 PM UTC-4, Dick Visser wrote:
>>>
>>> You forgot the output.
>>> Also, what is your high level goal.
>>> Why do you need to know if a user exists and has sudo permission.
>>>
>>> On Wed, 20 May 2020 at 21:21, Jerry Jerry <[email protected]> wrote:
>>>
>> Trying to check if a user exists locally and if true, check to see if it
>>>> has sudo rights. I can't seem to process the second loop. I tried using
>>>> out.results.item but error:
>>>>
>>>> fatal: [hostname]: FAILED! => {"msg": "'list object' has no attribute
>>>> 'item'"}
>>>>
>>>> ---
>>>> - hosts: all
>>>> gather_facts: no
>>>> become: yes
>>>> tasks:
>>>> - name: check user exists
>>>> command: grep {{ item }} /etc/passwd
>>>> failed_when: False
>>>> register: out
>>>> with_items:
>>>> - user1
>>>> - user2
>>>> - user3
>>>>
>>>> - debug:
>>>> var: out
>>>>
>>>> - name: check if existing user is in sudoers
>>>> command: grep {{ item }} /etc/sudoers
>>>> with_items: "{{ out.results }}"
>>>> register: message
>>>>
>>>> - debug:
>>>> var: message
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>>
>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to [email protected].
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/780471fd-cc97-4a8d-930e-147784254c80%40googlegroups.com
>>>> <https://groups.google.com/d/msgid/ansible-project/780471fd-cc97-4a8d-930e-147784254c80%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>> --
>>> Sent from a mobile device - please excuse the brevity, spelling and
>>> punctuation.
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/71a7ca09-47be-4d03-92e4-8e741dc0bf94%40googlegroups.com
>> <https://groups.google.com/d/msgid/ansible-project/71a7ca09-47be-4d03-92e4-8e741dc0bf94%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> Sent from a mobile device - please excuse the brevity, spelling and
> punctuation.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL8fbwOQ0d7mGMGX_6KZYk-DGpKwCSoPS7%2BcMJ6cazKbzN1DxQ%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAL8fbwOQ0d7mGMGX_6KZYk-DGpKwCSoPS7%2BcMJ6cazKbzN1DxQ%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAELbLaHfRADQ0x%2B%3DKxDXySjb9jhbOa4AJh1P%2B8ZnR5oNHhxGwQ%40mail.gmail.com.
