我正在尝试检查路径中名为“deployments”的所有目录的组所有权。为此,我使用for命令循环并将所有部署dir存储在变量中。然后使用grep我正在检查是否有任何偏差。以下是我的任务。问题是它不工作,即使群体所有权不同,它也没有检测到它。 我如何检查并修复我在shell模块中传递的命令如何由shell模块正确运行。
---
- name: deployment dir group ownership check
shell: for i in `find /{{ path }} -name deployments -type d -print`;do ls -ld $i | grep -v 'sag';done > /dev/null 2>&1; echo $?
register: find_result
delegate_to: "{{ pub_server }}"
changed_when: False
ignore_errors: true
tags:
- deployment_dir
- debug: var=find_result
- name: status of the group in deployments dir
shell: echo "Success:Deployments dir is owned by sag group in {{ path }} in server {{ pub_server }}" >> groupCheck.log
when: find_result.stdout == "1"
changed_when: False
tags:
- deployment_dir
- name: status of the group in deployments dir
shell: echo "Fail:Deployments dir is NOT owned by sag group in {{ path }} in server {{ pub_server }}" >> groupCheck.log
changed_when: False
when: find_result.stdout == "0"
tags:
- deployment_dir
答案 0 :(得分:0)
为什么将这个shell与find一起使用?
您可以stat该文件夹,然后获取UID和GID以设置这些权限...
---
- hosts: localhost
gather_facts: no
connection: local
tasks:
- stat:
path: /tmp
register: tmp
- debug: msg="Uid {{ tmp.stat.uid }} - Guid {{ tmp.stat.gid }}"
Playbook run:
PLAY ***************************************************************************
TASK [stat] ********************************************************************
ok: [localhost]
TASK [debug] *******************************************************************
ok: [localhost] => {
"msg": "Uid 0 - Guid 0"
}
Tmp文件夹:
14:17:17 kelson@local:/# ls -la /
drwxrwxrwt 23 root root 4096 Mai 14 14:17 tmp
使用这种思路,你可以使用find模块,注册输出并使用stat和你的结果来寻找每个文件夹权限或设置你想要的那些...