I've got a set of systems that have a configuration file with the "immutable" flag set on them by a previous setup process. The "lsattr /etc/security/access.conf" on a RHEL 6 system shows the "i" flag set. Manually doing a "chattr -i /etc/security/access.conf" removes the flag, but I'd like to have Ansible remove this flag if found on a few of these files.
I setup a playbook with this play: - name: "Remove immutable flag" file: path: /etc/security/access.conf attributes: "-i" The documentation isn't clear on what "attributes" can be but the file module call chattr with the "=" precursor before the attributes. For my case, I can just send "e" as the attribute (which effectively removes "i", the only attribute on this file usually), but it doesn't make it easy to enforce a single change without knowing and setting all attributes. (Admittedly that would be more idempotent.) Can someone update the the documentation, to add this note on the usage? Or, can the command line fed to chattr be updated to remove the "=" before the attributes when a +/- is present in the attributes line? That makes it easy to use "-i" to remove immutable, or "+i" to add immutable flag, though I haven't thought through the ramifications and idempotent features... Thanks, Dan -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c19b9490-ee85-4ce0-828e-6cdebc6d9b0c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.