Ok the scenario is I want to reset a users password on a system, but only
if the user already exists. I cant find anyway to do this with existing
modules, so I have reverted to a playbook. I'm not sure if my approach is
fundamentally wrong but i can't get it to work at the moment.
I use this sample dictionary. The accounts dont exist on the remote test
system, so the idea is the adduser task doesn't trigger. However if it did
it would giving me the desired password reset.
# cat .userlist.yml
grps:
crabtree: {}
crabtree2: {}
ut: {}
uts: {}
utsb: {}
users:
crabtree:
comment: ''
group: crabtree
groups: crabtree,ut,uts,utsb
name: crabtree
password:
$6$XaPMGsKF$1PThCIJDfpCbnWn/AB1uCox06k9ircsFJ8LFrCl1510E3toGJNmCye88PoEKLpxTrnpibKiGHsh0ff11apUWJ/
crabtree2:
comment: ''
group: crabtree2
groups: crabtree2,ut,uts,utsb
name: crabtree2
password:
$6$2CMAcCiX$v2sFL5VKJ/HTVoRsGPpOju1/gJXQxjiC55CLVcngspUyLs3X2hWpdIF1igMrBECDo9OdU.vnvtNdG/MJzD1tH0
The following doesnt work as the variable structure doesnt really help
# cat //usr/local/scripts/ansible/playbooks/reset_password2.yml
---
- hosts: all
gather_facts: no
vars_files:
- ~/.userlist.yml
tasks:
- name: Is user on this system?
action: shell grep ^{{ item.value.name }} /etc/passwd
register: R_they
with_dict: users
changed_when: "R_they.rc == 0"
failed_when: "R_they.rc > 255"
- name: Reset Password
action: user name={{ item.value.name }} state=present
password={{item.value.password}} update_password=always
comment="{{item.value.comment}}"
with_dict: users
when: R_they.{{ item.value.name }}.rc == 0
#
looking at it the other way around and cycling through the results is fine
and I can match fine and I get the skips when the account doesnt exist.
What I cant figure yet is how to pull the data from the dictionary in the
action statement as I cant use the with_dict option at the same time as
looping the results
- name: Reset Password
# ????
action: user name=users['item.item.key']['name'] state=present
password=users['item.item.key']['password'] update_password=always
comment=users['item.item.key']['comment']
# ????
with_items: R_they.results
when: item.rc == 0
Can anyone give me any pointers please?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/0839891e-54a7-4219-a83d-b36504c2b988%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
