Linux 主机到主机迁移

Question

Mike

Asked: 2022-12-15 00:01:58 +0800 CST2022-12-15 00:01:58 +0800 CST 2022-12-15 00:01:58 +0800 CST

Ansible：grep crontab 文件基于从 /etc/passwd 中提取的用户名

772

我希望从 /etc/passwd 中提取用户列表，然后 grep 他们的 crontab 文件以查找禁用的（注释：^#）作业。

高级步骤是：

从 /etc/passwd ("my_users") 中获取一组用户名
针对步骤 1 中命名的文件运行 grep (/var/spool/cron/{{my_users}})
使用“调试”打印出结果。

我将不胜感激任何建议，这是我到目前为止所拥有的：

  - name: ANSIBLE PLAYBOOK - disabled cronjob check
  hosts: "{{ variable_host | default('testvm') }}"
  remote_user: admin
  gather_facts: no
  become: yes

  tasks:    
  - getent:
      database: passwd
  - name: set_fact
    debugger: on_failed
    ansible.builtin.set_fact:
      my_users: "{{ getent_passwd|dict2items|json_query('[?contains(value,`/bin/bash`)].key') }}"
      cacheable: yes

  - name: set_fact_2
    ansible.builtin.set_fact:
      array_length: "{{ my_users|length }}"
  - debug:
      msg: "Debugging 2: {{ my_users|length }}"

  - name: Get disabled cron jobs
    debugger: always
    loop: "{{ my_users }}"
    ansible.builtin.lineinfile:
      path: "/var/spool/cron/{{ my_users }}"
      regexp: "^#"

这是有问题的输出，这不是我所期望的：

任务 [获取禁用的 cron 作业]********************************************* ****************************************************** ****************************************************** *************************************** 失败：[testvm] (item=n2disk) => {" ansible_loop_var": "item", "changed": false, "item": "n2disk", "msg": "line is required with state=present"} failed: [testvm] (item=cento) => {"ansible_loop_var “：“项目”，“已更改”：false，“项目”：“cento”，“msg”：“state = present需要行”}失败：[testvm]（item = admin）=> {“ansible_loop_var” : "item", "changed": false, "item": "admin", "msg": "line is required with state=present"} 失败：[testvm] (item=nprobe) => {"ansible_loop_var": "item", "changed": false, "item": "nprobe", "msg": "line is required with state=present"}失败：[testvm] (item=root) => {"ansible_loop_var": "item", "changed": false, "item": "root", "msg": "line is required with state=present"} 失败: [testvm] (item=backup) => {"ansible_loop_var": "item", "changed": false, "item": "backup", "msg": "line is required with state=present"}state=present 需要行”} failed: [testvm] (item=root) => {"ansible_loop_var": "item", "changed": false, "item": "root", "msg": "line需要 state=present"} failed: [testvm] (item=backup) => {"ansible_loop_var": "item", "changed": false, "item": "backup", "msg": "line is需要 state=present"}state=present 需要行”} failed: [testvm] (item=root) => {"ansible_loop_var": "item", "changed": false, "item": "root", "msg": "line需要 state=present"} failed: [testvm] (item=backup) => {"ansible_loop_var": "item", "changed": false, "item": "backup", "msg": "line is需要 state=present"}msg": "line is required with state=present"}msg": "line is required with state=present"}

1 个回答

Voted

Vladimir Botka · Answer 1 · 2022-12-15T05:48:03+08:00

作为提示，请参阅下面如何创建包含所有 crontab 信息的字典

^{声明变量

cron_tabs_path: /var/cron/tabs
cron_users: "{{ cron_user.files|map(attribute='path')|
map('basename')|list }}"
cron_tabs: "{{ cron_tab.results|map(attribute='stdout')|
map('community.general.jc', 'crontab')|list }}"
cron_tabs_dict_all: "{{ dict(ansible_play_hosts|
zip(ansible_play_hosts|
map('extract', hostvars, ['cron_tabs_dict']))) }}"

查找所有 crontab 文件 ( cron_users )

- find:
paths: "{{ cron_tabs_path }}"
register: cron_user

读取所有 crontab

- command: "crontab -u {{ item }} -l"
register: cron_tab
loop: "{{ cron_users }}"

创建用户及其 crontab 的字典

- set_fact:
cron_tabs_dict: "{{ dict(cron_users|zip(cron_tabs)) }}"

例如，给定远程主机 test_11 和 test_13 上的 crontab
shell> ssh admin@test_11 sudo crontab -u admin -l
#Ansible: test_1
5 12 * * * echo test 1
#Ansible: test_5
5 14 * * * echo test 5
#Ansible: test_4
5 13 * * * echo test 4
shell> ssh admin@test_11 sudo crontab -u alice -l
#Ansible: test_2
5 13 * * * echo test 2
shell> ssh admin@test_11 sudo crontab -u bob -l
#Ansible: test_3
5 14 * * * echo test 3

shell> ssh admin@test_13 sudo crontab -u admin -l
#Ansible: test_1
5 12 * * * echo test 1
#Ansible: test_4
5 13 * * * echo test 4
#Ansible: test_5
5 14 * * * echo test 5

剧本
shell> cat pb.yml
- hosts: test_11,test_13

vars:

cron_tabs_path: /var/cron/tabs
cron_tabs: "{{ cron_tab.results|map(attribute='stdout')|
map('community.general.jc', 'crontab')|list }}"
cron_users: "{{ cron_user.files|map(attribute='path')|
map('basename')|list }}"
cron_tabs_dict_all: "{{ dict(ansible_play_hosts|
zip(ansible_play_hosts|
map('extract', hostvars, ['cron_tabs_dict']))) }}"

tasks:

- find:
paths: "{{ cron_tabs_path }}"
register: cron_user
- debug:
var: cron_users

- command: "crontab -u {{ item }} -l"
register: cron_tab
loop: "{{ cron_users }}"
- debug:
var: cron_tabs

- set_fact:
cron_tabs_dict: "{{ dict(cron_users|zip(cron_tabs)) }}"
- debug:
var: cron_tabs_dict|to_yaml

- debug:
var: cron_tabs_dict_all|to_yaml
run_once: true

给
cron_tabs_dict_all:
test_11:
admin:
schedule:
- command: echo test 1
day_of_month: ['*']
day_of_week: ['*']
hour: ['12']
minute: ['5']
month: ['*']
- command: echo test 5
day_of_month: ['*']
day_of_week: ['*']
hour: ['14']
minute: ['5']
month: ['*']
- command: echo test 4
day_of_month: ['*']
day_of_week: ['*']
hour: ['13']
minute: ['5']
month: ['*']
variables: []
alice:
schedule:
- command: echo test 2
day_of_month: ['*']
day_of_week: ['*']
hour: ['13']
minute: ['5']
month: ['*']
variables: []
bob:
schedule:
- command: echo test 3
day_of_month: ['*']
day_of_week: ['*']
hour: ['14']
minute: ['5']
month: ['*']
variables: []
test_13:
admin:
schedule:
- command: echo test 1
day_of_month: ['*']
day_of_week: ['*']
hour: ['12']
minute: ['5']
month: ['*']
- command: echo test 4
day_of_month: ['*']
day_of_week: ['*']
hour: ['13']
minute: ['5']
month: ['*']
- command: echo test 5
day_of_month: ['*']
day_of_week: ['*']
hour: ['14']
minute: ['5']
month: ['*']
variables: []

使用getent读取/etc/passwd
- getent:
database: passwd}

Ansible：grep crontab 文件基于从 /etc/passwd 中提取的用户名

新安装后 postgres 的默认超级用户用户名/密码是什么？

SFTP 使用什么端口？

命令行列出 Windows Active Directory 组中的用户？

什么是 Pem 文件，它与其他 OpenSSL 生成的密钥文件格式有何不同？

如何确定bash变量是否为空？

Ansible：grep crontab 文件基于从 /etc/passwd 中提取的用户名

1 个回答

相关问题