What is the reason you want to use ansible?
On Tue, 19 Oct 2021 at 03:01, Mario Procopio <[email protected]> wrote:
> Hi there.
>
> I'm trying to use ansible to automate standard controls on redhat servers,
> I have several bash scripts that I currently run locally on each server so
> I can control them.
>
> Script in bash
>
> [image: pbash.PNG]
> today=`date`
> host=`hostname`
> version=`cat /etc/redhat-release`
> direccionip=`hostname -i`
> user=`whoami`
> azure=`systemd-detect-virt`
> echo
> "############################################################################################"
> echo "### HOSTNAME $host"
> echo "### VERSION $version"
> echo "### DIRECCION IP $direccionip"
> echo "### TIPO (AWS=kvm, zen o microsoft | Azure=hyper-v | Vmware=vmware)
> $azure"
> echo "### FECHA $today"
> echo "### USUARIO $user"
> echo
> "############################################################################################"
> echo " "
> echo
> "############################################################################################"
> echo "### 5.12 - Configure data retention ###"
> echo
> "############################################################################################"
> echo " "
> echo "### 5.12.6 - Collect privileged command usage ###"
> echo " "
> UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs);
> LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in
> $LINES; do LINE1="-a always,exit -F path=$LINE -F perm=x -F
> auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat
> /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ];
> then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F
> auid!=4294967295 -k privileged"; if [ $(sudo cat
> /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ];
> then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi;
> done
> echo " "
> echo
> "############################################################################################"
> echo "### Fin ###"
> echo
> "############################################################################################"
>
>
> ere is my playbook that I am trying to put together in ansible. Everything
> works perfect, until I add line 12 and there it fails.
>
> [image: ansible.PNG]
> - name: Shell Examples
> hosts: all
> tasks:
> - name: Check Date with Shell command
> shell: |
> date
> hostname
> cat /etc/redhat-release
> hostname -i
> whoami
> systemd-detect-virt
> UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs);
> LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in
> $LINES; do LINE1="-a always,exit -F path=$LINE -F perm=x -F
> auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat
> /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ];
> then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F
> auid!=4294967295 -k privileged"; if [ $(sudo cat
> /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ];
> then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi;
> done
> register: fileout
> tags: fileout
> - debug: msg="{{ fileout.stdout_lines }}"
>
> From already thank you very much.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/27ade5a1-c4c4-4b1b-9815-15912749ea67n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/27ade5a1-c4c4-4b1b-9815-15912749ea67n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
--
Sent from a mobile device - please excuse the brevity, spelling and
punctuation.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAL8fbwO1BQ7pjgNMJNH7YOkEwvYbVSjM0ih4D9vXZfFM9cY03A%40mail.gmail.com.
