Bash to ansible

Hi there.

I’m trying to use Ansible to automate standard controls on Red Hat servers. I have several bash scripts that I currently run locally on each server so I can control them.

Script in bash

# Collect host details for the report header
today=$(date)
host=$(hostname)
version=$(cat /etc/redhat-release)
direccionip=$(hostname -i)
user=$(whoami)
azure=$(systemd-detect-virt)
echo "############################################################################################"
echo "### HOSTNAME $host"
echo "### VERSION $version"
echo "### DIRECCION IP $direccionip"
echo "### TIPO (AWS=kvm, zen o microsoft | Azure=hyper-v | Vmware=vmware) $azure"
echo "### FECHA $today"
echo "### USUARIO $user"
echo "############################################################################################"
echo " "
echo "############################################################################################"
echo "### 5.12 - Configure data retention ###"
echo "############################################################################################"
echo " "
echo "### 5.12.6 - Collect privileged command usage ###"
echo " "
# For each setuid/setgid file, report the audit rule if it is missing from audit.rules
UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs); LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in $LINES; do LINE1="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ]; then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ]; then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi; done
echo " "
echo "############################################################################################"
echo "### Fin ###"
echo "############################################################################################"

Here is my playbook that I am trying to put together in Ansible. Everything works perfectly until I add line 12, and there it fails.

- name: Shell Examples
  hosts: all
  tasks:
    - name: Check Date with Shell command
      shell: |
        date
        hostname
        cat /etc/redhat-release
        hostname -i
        whoami
        systemd-detect-virt
        UIDMINVAL=$(/bin/awk '/^\s*UID_MIN/{print $2}' /etc/login.defs); LINES=$(sudo find / -xdev -perm -4000 -o -perm -2000 -type f); for LINE in $LINES; do LINE1="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE1" | wc -l) -eq 0 ]; then LINE2="-a always,exit -F path=$LINE -F perm=x -F auid>=$UIDMINVAL -F auid!=4294967295 -k privileged"; if [ $(sudo cat /etc/audit/rules.d/audit.rules |/bin/egrep -- "^$LINE2" | wc -l) -eq 0 ]; then echo "$LINE2 - not found in /etc/audit/rules.d/audit.rules"; fi; fi; done
      register: fileout
      tags: fileout
    - debug: msg="{{ fileout.stdout_lines }}"

Thank you very much in advance.
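Added example, not part of the original post: the 5.12.6 comparison from the script above written as POSIX shell functions that take the rules file, UID_MIN and file list as inputs, so the check can be exercised on constructed data before it is wrapped in a playbook task. The function names, the demo paths and the whole-line fixed-string match are assumptions of this example.

```shell
#!/bin/sh
# Added example: report setuid/setgid binaries that have no "privileged" audit rule.

# Print the UID_MIN value from a login.defs-style file (commented lines are ignored).
read_uid_min() {
    awk '$1 == "UID_MIN" { print $2; exit }' "$1"
}

# Usage: missing_priv_rules RULES_FILE UID_MIN   (file paths on stdin, one per line)
# Reading line by line keeps paths with spaces intact, unlike "for LINE in $LINES".
missing_priv_rules() {
    rules_file=$1
    uid_min=$2
    while IFS= read -r path; do
        [ -n "$path" ] || continue
        rule="-a always,exit -F path=$path -F perm=x -F auid>=$uid_min -F auid!=4294967295 -k privileged"
        # -F: fixed string, so regex metacharacters in a path cannot alter the match
        # -x: the whole line must equal the rule; "--" because the rule starts with "-"
        if ! grep -Fxq -- "$rule" "$rules_file"; then
            printf '%s - not found in %s\n' "$rule" "$rules_file"
        fi
    done
}

# Constructed sample data: one rule present (sudo), one missing (passwd).
demo() {
    tmp=$(mktemp -d)
    printf 'UID_MIN\t\t1000\n' > "$tmp/login.defs"
    cat > "$tmp/audit.rules" <<'EOF'
-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged
EOF
    printf '%s\n' /usr/bin/sudo /usr/bin/passwd |
        missing_priv_rules "$tmp/audit.rules" "$(read_uid_min "$tmp/login.defs")"
    rm -rf "$tmp"
}

# On a real host (as root), the file list would come from find:
#   find / -xdev \( -perm -4000 -o -perm -2000 \) -type f |
#       missing_priv_rules /etc/audit/rules.d/audit.rules "$(read_uid_min /etc/login.defs)"
demo
```

The parentheses in the commented `find` call group the two `-perm` tests so that `-type f` applies to both.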

What is the reason you want to use ansible?
