What is the reason you want to use ansible?
On Tue, 19 Oct 2021 at 03:01, Mario Procopio <mariotc...@gmail.com> wrote:
> Hi there.
>
> I'm trying to use ansible to automate standard controls on redhat servers,
> I have several bash scripts that I currently run locally on each server so
> I can control them.
>
> Script in bash
>
> [image: pbash.PNG]
> today=`date`
> host=`hostname`
> version=`cat /etc/redhat-release`
> direccionip=`hostname -i`
> user=`whoami`
> azure=`systemd-detect-virt`
> echo
> "############################################################################################"
> echo "### HOSTNAME $host"
> echo "### VERSION $version"
> echo "### DIRECCION IP $direccionip"
> echo "### TIPO (AWS=kvm, zen o microsoft | Azure=hyper-v | Vmware=vmware)
> $azure"
> echo "### FECHA $today"
> echo "### USUARIO $user"
> echo
> "############################################################################################"
> echo " "
> echo
> "############################################################################################"
> echo "### 5.12 - Configure data retention ###"
> echo
> "############################################################################################"
> echo " "
> echo "### 5.12.6 - Collect privileged command usage ###"
> echo " "
> UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs);
> LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in
> $LINES; do LINE1="-a always,exit -F path=$LINE -F perm=x -F
> auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat
> /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ];
> then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F
> auid!=4294967295 -k privileged"; if [ $(sudo cat
> /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ];
> then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi;
> done
> echo " "
> echo
> "############################################################################################"
> echo "### Fin ###"
> echo
> "############################################################################################"
>
>
> ere is my playbook that I am trying to put together in ansible. Everything
> works perfect, until I add line 12 and there it fails.
>
> [image: ansible.PNG]
> - name: Shell Examples
> hosts: all
> tasks:
> - name: Check Date with Shell command
> shell: |
> date
> hostname
> cat /etc/redhat-release
> hostname -i
> whoami
> systemd-detect-virt
> UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs);
> LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in
> $LINES; do LINE1="-a always,exit -F path=$LINE -F perm=x -F
> auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat
> /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ];
> then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F
> auid!=4294967295 -k privileged"; if [ $(sudo cat
> /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ];
> then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi;
> done
> register: fileout
> tags: fileout
> - debug: msg="{{ fileout.stdout_lines }}"
>
> From already thank you very much.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/27ade5a1-c4c4-4b1b-9815-15912749ea67n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/27ade5a1-c4c4-4b1b-9815-15912749ea67n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
--
Sent from a mobile device - please excuse the brevity, spelling and
punctuation.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAL8fbwO1BQ7pjgNMJNH7YOkEwvYbVSjM0ih4D9vXZfFM9cY03A%40mail.gmail.com.
