我正在尝试检查路径中所有名为"部署"的目录的组所有权。为此,我将 for 循环与 find 命令一起使用,并将所有部署 dir 存储在变量中。然后使用 grep 检查是否有任何偏差。以下是我的任务。问题是它不起作用,即使组所有权不同,它也不会检测到它。 如何检查和修复我在 shell 模块中传递的命令如何通过 shell 模块正确运行。
---
- name: deployment dir group ownership check
shell: for i in `find /{{ path }} -name deployments -type d -print`;do ls -ld $i | grep -v 'sag';done > /dev/null 2>&1; echo $?
register: find_result
delegate_to: "{{ pub_server }}"
changed_when: False
ignore_errors: true
tags:
- deployment_dir
- debug: var=find_result
- name: status of the group in deployments dir
shell: echo "Success:Deployments dir is owned by sag group in {{ path }} in server {{ pub_server }}" >> groupCheck.log
when: find_result.stdout == "1"
changed_when: False
tags:
- deployment_dir
- name: status of the group in deployments dir
shell: echo "Fail:Deployments dir is NOT owned by sag group in {{ path }} in server {{ pub_server }}" >> groupCheck.log
changed_when: False
when: find_result.stdout == "0"
tags:
- deployment_dir
为什么你用这个外壳和find?
您可以stat文件夹,然后获取用于设置这些权限的 UID 和 GID...
---
- hosts: localhost
gather_facts: no
connection: local
tasks:
- stat:
path: /tmp
register: tmp
- debug: msg="Uid {{ tmp.stat.uid }} - Guid {{ tmp.stat.gid }}"
剧本运行:
PLAY ***************************************************************************
TASK [stat] ********************************************************************
ok: [localhost]
TASK [debug] *******************************************************************
ok: [localhost] => {
"msg": "Uid 0 - Guid 0"
}
Tmp 文件夹:
14:17:17 kelson@local:/# ls -la /
drwxrwxrwt 23 root root 4096 Mai 14 14:17 tmp
使用这种思路,您可以使用find模块,注册输出并在结果中使用 stat 来查找每个文件夹权限或设置您想要的权限......