我试图将shell命令的输出注册到项目列表中的项目属性。
这在循环期间发生,但似乎没有注册属性。在运行任务之后,属性仍然显示值none。我在想我是不是做错了什么?或者有办法做到这一点吗?
变量:
users:
- username: someguy
description: "Some Guy"
groups: ['sudo', 'guy']
new_id: 6001
old_uid:
old_gid:
user_exists:
password: waffles
- username: somedude
description: "Some Dude"
groups: ['dude']
new_id: 6002
old_uid:
old_gid:
user_exists:
password: toast
---
- name: Check if user exists
shell: /usr/bin/getent passwd {{ item.username }} | /usr/bin/wc -l | tr -d ' '
with_items: "{{ users }}"
register: item.user_exists
- name: Check user current UID
shell: /usr/bin/id -u {{ item.username }}
with_items: "{{ users }}"
register: item.old_uid
when: item.user_exists == 1
- name: Check user current GID
shell: /usr/bin/id -g {{ item.username }}
with_items: "{{ users }}"
register: item.old_gid
when: item.user_exists == 1
TASK: [users | Check if user exists] ******************************************
changed: [bserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
changed: [aserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
changed: [aserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
changed: [bserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
TASK: [users | Check user current UID] ****************************************
skipping: [aserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
skipping: [aserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
skipping: [bserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
skipping: [bserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
TASK: [users | Check user current GID] ****************************************
skipping: [aserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
skipping: [aserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
skipping: [bserver] => (item={'username': 'someguy', 'password': 'waffles', 'description': 'Some Guy', 'new_id': 6001, 'groups': ['sudo', 'guy'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
skipping: [bserver] => (item={'username': 'somedude', 'password': 'toast', 'description': 'Some Dude', 'new_id': 6002, 'groups': ['dude'], 'user_exists': None, 'old_uid': None, 'old_gid': None})
不幸的是,它不是这样工作的。
您的行register: "{{item.user_exists}}"可能会导致在一个名为false的变量中注册的结果。
不能将任务的结果注入到任何对象中。register特性只接受字符串。
另外,register在循环中具有完全不同的行为。它不是分别注册每次迭代,而是注册一个单独的对象,该对象保存键results中所有项的结果。
您仍然可以遍历用户并检查是否存在。但我不认为你会得到你想要的。
首先将结果注册到单个变量中,这里是users_checked:
- name: Check if user exists
shell: /usr/bin/getent passwd {{ item.username }} | /usr/bin/wc -l | tr -d ' '
with_items: users
register: users_checked
我建议您使用debug模块,以始终检查您正在使用的数据结构。
- debug: var=users_checked
显示如下:
"var": {
"users_checked": {
"changed": true,
"msg": "All items completed",
"results": [
{
"changed": true,
"cmd": "/usr/bin/getent passwd someguy | /usr/bin/wc -l | tr -d ' '",
"delta": "0:00:00.005415",
"end": "2015-09-08 20:59:33.379516",
"invocation": {
"module_args": "/usr/bin/getent passwd someguy | /usr/bin/wc -l | tr -d ' '",
"module_name": "shell"
},
"item": {
"description": "Some Guy",
"groups": [
"sudo",
"guy"
],
"new_id": 6001,
"old_gid": null,
"old_uid": null,
"password": "waffles",
"user_exists": null,
"username": "someguy"
},
"rc": 0,
"start": "2015-09-08 20:59:33.374101",
"stderr": "",
"stdout": "0",
"stdout_lines": [
"0"
],
"warnings": []
},
{
"changed": true,
"cmd": "/usr/bin/getent passwd somedude | /usr/bin/wc -l | tr -d ' '",
"delta": "0:00:00.006362",
"end": "2015-09-08 20:59:33.530546",
"invocation": {
"module_args": "/usr/bin/getent passwd somedude | /usr/bin/wc -l | tr -d ' '",
"module_name": "shell"
},
"item": {
"description": "Some Dude",
"groups": [
"dude"
],
"new_id": 6002,
"old_gid": null,
"old_uid": null,
"password": "toast",
"user_exists": null,
"username": "somedude"
},
"rc": 0,
"start": "2015-09-08 20:59:33.524184",
"stderr": "",
"stdout": "0",
"stdout_lines": [
"0"
],
"warnings": []
}
]
}
}
因此,结果不仅包含所有项的实际结果,还包含输入对象。这使您可以遍历users_checked.results而不是原始的users列表。
- name: Check user current UID
shell: /usr/bin/id -u {{ item.item.username }}
with_items: users_checked.results
when: item.stdout == 1
但是现在它会变得很糟糕,因为您想要检查另外两个东西。您可能会继续使用这种方法,注册上面的结果,然后使用注册的数据结构作为下一个循环的输入,但是您最终会得到一个深度嵌套的对象,并且最终在registered_var.results[x].item.results[y].item.results[z].item...的某个地方拥有原始对象。
为了避免这种混乱,您可能需要考虑为该任务创建一个自定义模块。