我目前正在编写一个 Ansible 脚本,该脚本应该在运行 Debian 或 CentOS 的每台主机上更新 openssl。在主机上,我们的 SSH 密钥是为我自己的用户存放的or根。我想检查我的用户是否存在于主机上,如果不存在,我想使用根用户进行身份验证。有可能这样做吗?我用 bash 命令尝试过,但我想检查我的用户是否存在before我正在运行任务。也许我的问题还有其他解决方案,但我不知道。运行此剧本会引发语法错误。我的脚本现在看起来像这样:
---
- hosts: "{{ host_group }}"
remote_user: "{{ username }}"
tasks:
# Check whether there's a existinig user or whether you have to use root
- name: Check whether there's your user on the machine
action: shell /usr/bin/getent passwd $username | /usr/bin/wc -l | tr -d ''
register: user_exist
remote_user: root
when: user_exist.stdout == 0
tags:
- users
# Install openssl on Ubuntu or Debian
- name: Install openssl on Ubuntu or Debian
become: True
become_user: root
apt: name=openssl state=latest
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
# Install openssl on CentOS or RHEL
- name: Install openssl on CentOS or RHEL
become: True
become_user: root
yum: name=openssl state=latest
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
您可以使用以下命令测试连接local_action first.
Ansible需要确定如何连接到主机,否则会触发host unreachable错误并跳过该主机的剩余任务。
像这样的东西:
- hosts: myservers
gather_facts: no # or it will fail on the setup step
tasks:
- name: Test user
local_action: "command ssh -q -o BatchMode=yes -o ConnectTimeout=3 {{ inventory_hostname }} 'echo ok'"
register: test_user
ignore_errors: true
changed_when: false
- name: Do useful stuff
remote_user: "{{ test_user | success | ternary(omit, 'root') }}"
command: echo ok
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
