Bash to ansible

Mario Procopio

Oct 18, 2021, 9:01:19 PM
to Ansible Project

Hi there.

I'm trying to use Ansible to automate standard controls on Red Hat servers. I have several bash scripts that I currently run locally on each server so I can control them.

Script in bash

today=`date`
host=`hostname`
version=`cat /etc/redhat-release`
direccionip=`hostname -i`
user=`whoami`
azure=`systemd-detect-virt`
echo "############################################################################################"
echo "### HOSTNAME  $host"
echo "### VERSION   $version"
echo "### DIRECCION IP  $direccionip"
echo "### TIPO (AWS=kvm, zen o microsoft | Azure=hyper-v | Vmware=vmware)   $azure"
echo "### FECHA $today"
echo "### USUARIO   $user"
echo "############################################################################################"
echo " "
echo "############################################################################################"
echo "### 5.12 - Configure data retention  ###"
echo "############################################################################################"
echo " "
echo "### 5.12.6 - Collect privileged command usage ###"
echo " "
UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs); LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in $LINES; do LINE1="-a always,exit -F  path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ]; then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ]; then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi; done
echo " "
echo "############################################################################################"
echo "### Fin ###"
echo "############################################################################################"


Here is my playbook that I am trying to put together in Ansible. Everything works perfectly until I add line 12, and there it fails.

- name: Shell Examples
  hosts: all
  tasks:
    - name: Check Date with Shell command
      shell: |
          date
          hostname
          cat /etc/redhat-release
          hostname -i
          whoami
          systemd-detect-virt
          UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs); LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in $LINES; do LINE1="-a always,exit -F  path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ]; then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ]; then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi; done
      register: fileout  
      tags: fileout  
    - debug: msg="{{ fileout.stdout_lines }}"  

Thank you very much in advance.
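
An added example, not part of the original post: the privileged-command audit check from the script above, written as POSIX shell functions that take the search root, the rules file and the login.defs path as arguments so the check can be run against a constructed fixture. The function names, the `make_fixture` sample tree and the fallback UID_MIN of 1000 are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): list the audit rules that are missing
# for setuid/setgid files. Paths are parameters so it can run on a fixture.

# uid_min LOGIN_DEFS: print UID_MIN, or 1000 (assumed default) if it is unset.
uid_min() {
    awk '$1 == "UID_MIN" { v = $2 } END { print (v == "" ? 1000 : v) }' "$1"
}

# list_privileged ROOT: setuid or setgid regular files on ROOT's filesystem.
# The parentheses make -type f apply to both -perm tests.
list_privileged() {
    find "$1" -xdev \( -perm -4000 -o -perm -2000 \) -type f 2>/dev/null | sort
}

# missing_rules RULES_FILE UID_MIN: read paths on stdin, print each expected
# rule that is absent. Whitespace runs in the rules file are collapsed and the
# comparison is a fixed-string, whole-line match, so characters such as "+" or
# "." in a path are not treated as regex syntax.
missing_rules() (
    rules=$(tr -s ' \t' ' ' < "$1" | sed 's/^ //; s/ $//')
    while IFS= read -r path; do
        rule="-a always,exit -F path=$path -F perm=x -F auid>=$2 -F auid!=4294967295 -k privileged"
        printf '%s\n' "$rules" | grep -Fxq -- "$rule" || printf '%s\n' "$rule"
    done
)

# audit_privileged ROOT RULES_FILE LOGIN_DEFS
audit_privileged() {
    list_privileged "$1" | missing_rules "$2" "$(uid_min "$3")"
}

# make_fixture: constructed sample tree for trying the check; prints its path.
make_fixture() (
    d=$(mktemp -d) && mkdir "$d/bin" || exit 1
    touch "$d/bin/su" "$d/bin/g++" "$d/bin/ls"
    chmod 4755 "$d/bin/su" "$d/bin/g++"      # setuid; ls stays unprivileged
    printf 'UID_MIN\t\t 1000\n' > "$d/login.defs"
    # Constructed rule for su only, written with a double space before path=
    printf '%s\n' "-a always,exit -F  path=$d/bin/su -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged" \
        > "$d/audit.rules"
    printf '%s\n' "$d"
)

# Usage: sh check.sh / /etc/audit/rules.d/audit.rules /etc/login.defs
if [ "$#" -eq 3 ]; then audit_privileged "$@"; fi
```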

Dick Visser

Oct 19, 2021, 12:44:08 AM
to ansible...@googlegroups.com
What is the reason you want to use ansible?

--
Sent from a mobile device - please excuse the brevity, spelling and punctuation.