Hi there.

I'm trying to use Ansible to automate standard controls on Red Hat servers. 
I have several bash scripts that I currently run locally on each server so 
I can control them.

Script in bash

today=`date`
host=`hostname`
version=`cat /etc/redhat-release`
direccionip=`hostname -i`
user=`whoami`
azure=`systemd-detect-virt`
echo "############################################################################################"
echo "### HOSTNAME  $host"
echo "### VERSION   $version"
echo "### DIRECCION IP  $direccionip"
echo "### TIPO (AWS=kvm, zen o microsoft | Azure=hyper-v | Vmware=vmware)   $azure"
echo "### FECHA $today"
echo "### USUARIO   $user"
echo "############################################################################################"
echo " "
echo "############################################################################################"
echo "### 5.12 - Configure data retention  ###"
echo "############################################################################################"
echo " "
echo "### 5.12.6 - Collect privileged command usage ###"
echo " "
UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs); LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in $LINES; do LINE1="-a always,exit -F  path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ]; then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ]; then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi; done
echo " "
echo "############################################################################################"
echo "### Fin ###"
echo "############################################################################################"


Here is my playbook that I am trying to put together in Ansible. Everything 
works perfectly until I add line 12, and there it fails.

- name: Shell Examples
  hosts: all
  tasks:
    - name: Check Date with Shell command
      shell: |
          date
          hostname
          cat /etc/redhat-release
          hostname -i
          whoami
          systemd-detect-virt
          UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs); LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in $LINES; do LINE1="-a always,exit -F  path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ]; then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ]; then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi; done
      register: fileout  
      tags: fileout   
    - debug: msg="{{ fileout.stdout_lines }}"  

Thank you very much in advance.
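
Added example, not part of the original message: the 5.12.6 privileged-command check from the one-liner above, written as a shell function with the two `-perm` tests grouped and the expected rule compared as a fixed string after whitespace normalization. The function names and their arguments are assumptions made for this example.

```shell
#!/bin/sh
# Added example: list setuid/setgid files that have no matching audit rule.
# Function and argument names are assumptions made for this example.

# Print UID_MIN from a login.defs-style file ([[:space:]] is portable, \s is not).
uid_min_from() {
    awk '/^[[:space:]]*UID_MIN[[:space:]]/ {print $2; exit}' "$1"
}

# $1 = tree to scan, $2 = audit rules file, $3 = UID_MIN value.
# Needs read access to both (run it as root on a real host).
# File names containing newlines are not supported.
missing_privileged_rules() {
    root=$1 rules=$2 uid_min=$3
    # Squeeze runs of blanks and trim line ends once, so a rule written
    # with "-F  path=" (two spaces) still matches the expected form.
    norm=$(tr -s ' \t' ' ' < "$rules" | sed 's/^ //; s/ $//')
    # \( ... \) groups both -perm tests so that -type f applies to each;
    # ungrouped, -type f binds only to -perm -2000.
    find "$root" -xdev \( -perm -4000 -o -perm -2000 \) -type f 2>/dev/null |
    while IFS= read -r path; do
        want="-a always,exit -F path=$path -F perm=x -F auid>=$uid_min -F auid!=4294967295 -k privileged"
        # -F: fixed string (dots in paths are not regex), -x: whole line.
        if ! printf '%s\n' "$norm" | grep -Fxq -- "$want"; then
            printf '%s - not found in %s\n' "$want" "$rules"
        fi
    done
}
```

On a host this would be called as `missing_privileged_rules / /etc/audit/rules.d/audit.rules "$(uid_min_from /etc/login.defs)"`.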
