我正在学习ansible,并且已经编写了LDAP验证任务。但是,当我运行剧本时,即使验证正确,任务也会失败。
以下是一项烦人的任务,它将检查LDAP密码的最大使用期限
- name: LDAP Validation
shell: /usr/bin/ldapsearch -w admin -H ldap://localhost:10389 -x -D "cn=manager,dc=apache,dc=com" -b "cn=default,ou=pwpolicies,dc=apache,dc=com" | grep 'pwdMaxAge'
register: output
- name: LDAP password age check
fail:
msg: "Password MaxAge not set to 0"
when: output.stdout != "pwdMaxAge: 0"
下面是更新任务后ansible抛出的新语法错误。
ERROR! Syntax Error while loading YAML.
mapping values are not allowed here
The error appears to have been in '/etc/ansible/server/roles/LDAP/tasks/ldap.yml': line 40, column 36, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
msg: "Password MaxAge not set to 0"
when: output.stdout != "pwdMaxAge: 0"
^ here
答案 0 :(得分:1)
变量output是一个字典;将其与字符串进行比较是没有意义的:比较将从不相等。看看the documentation,看看shell模块返回什么值。
例如,您可能最终会像这样检查stdout属性:
- name: LDAP password age check
fail:
msg: "Password MaxAge not set to 0"
when: 'output.stdout != "pwdMaxAge: 0"'
按照@PatrickForget的建议,您可以使用debug任务来检查您的注册变量:
- name: show output variable
debug:
var: output