Hi Sathya,
You could get a list of current packages via 'yum list' or whatever package
manager, then use that as the list of packages as the variable, and do
something like the following. Maintaining and parsing that 'master' list
however might be quite cumbersome.
name: remove unwanted packages
package:
name: "{{ item }}"
state: absent
when item not in good_packages
Of course the simpler and saner way would be to just restrict people from
installing packages in the first place. ;)
On Sat, Oct 27, 2018 at 10:44 AM Sathya Narayanan <mycer...@gmail.com>
wrote:
> Hi All,
>
> I am new to ansible and I would like to understand or get some ideas about
> how to use ansible to maintain standard operating system environment.
>
> For example : I would like to have ansible to check all my existing OS
> (Amazon Linux) to see if there are any additional package installed.
>
> The idea is to have a list of rpm names as standard packages, and ansible
> should monitor if all my systems are having only the list of approved rpms.
> In case of any extra rpms installed by any of the engineer, then ansible
> should automatically remove it.
>
> Not sure, if I have explained my ask clear, but the idea is to have
> ansible maintain software inventory (approved software) and any
> unauthorized software installed, then it should notify via email and remove
> that software.
>
> Regards,
> Sathya.R
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CACqv84jQ%2BpHqRtk4fAoCvyhey-o6cRgugv0uOWnNn4Odf%2BgEDA%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CACqv84jQ%2BpHqRtk4fAoCvyhey-o6cRgugv0uOWnNn4Odf%2BgEDA%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAH4rTPtxobZgb%3DiD4qGpfvQJg17d1Z5EeZD41_Ry6pz%2BVwLkJA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
