removing a domain form sssd.conf

18 views
Skip to first unread message

Lewis Carroll

unread,
Feb 1, 2019, 8:22:58 AM2/1/19
to Ansible Project
I am trying to figure out how to use replace or lineinfile to remove a domain entry in sssd.conf. Here is example:

[domain/example]
cache_credentials = false
enumerate = true
ldap_schema = rfc2307
ldap_rfc2307_fallback_to_local_users = true
ldap_search_base = dc=example,dc=com
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
sudo_provider = ldap
ldap_uri = ldaps://ldap1.example.com:636, ldaps://ldap2.example.com:636, ldaps://ldap3.example.com:636
ldap_chpass_uri = ldaps://ldap1.example.com:636
ldap_tls_reqcert = allow
access_provider = simple
simple_allow_groups = example_admins
 
[sssd]
...

  I tried this:
  
     - replace:
        path: '/home/admin/sssd.conf'
        regexp: '.*'
        before: '[sssd]'
        backup: yes

My thought is that this would remove every line before '[sssd]'. But instead it pretty much deletes the whole file. I have a workaround using sed via the command module. But I'd like to use replace or lineinfile. Any ideas? I also figured I could use a loop of regexps. Just seem like this should be simple. Heck the sed is simple for this.

sed -i '/^\[domain\/example\]/,/^$/d' /etc/sssd/sssd.conf

Kai Stian Olstad

unread,
Feb 1, 2019, 10:11:59 AM2/1/19
to ansible...@googlegroups.com
The before is also regexp so you need to escape the [] too.
If you do that it will delete everything from the start of the file to
the [sssd]


> But instead it pretty much deletes the whole file.

Since it can't find [sssd] because of the missing escape it will remove
the content of every line.


> I have a workaround using
> sed via the command module. But I'd like to use replace or lineinfile.
> Any
> ideas? I also figured I could use a loop of regexps. Just seem like
> this
> should be simple. Heck the sed is simple for this.
>
> sed -i '/^\[domain\/example\]/,/^$/d' /etc/sssd/sssd.conf

This one will work more or less like you sed

- replace:
path: /home/admin/sssd.conf
regexp: '(?s)\[domain/example\].*?^$'
backup: yes

--
Kai Stian Olstad

Lewis Carroll

unread,
Feb 1, 2019, 10:57:08 AM2/1/19
to Ansible Project
Nice. I new I was missing something. I went with the second option. It replaced all the text with a blank line. The former left a blank line for each match.

S C Rigler

unread,
Feb 1, 2019, 8:33:37 PM2/1/19
to ansible...@googlegroups.com
Or you could use the ini_file module to remove the section.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ff5c8052-01db-406f-a0cd-fcb94cec2671%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages