Hi,
I can’t seem to make this work from the command line:
ansible -m lineinfile -a “dest=/etc/ssh/sshd_config backup=yes backrefs=yes regexp=‘^(AllowGroups .*)$’ line=‘\1 groupname’” -vvv -s -K local
which replaces the whole “AllowGroups .*” line with " wheel".
The playbook entry works fine, though:
lineinfile dest=/etc/ssh/sshd_config backup=yes backrefs=yes regexp=“^(AllowGroups .*)$” line=“\1 $groupname”
I’m most likely escaping it wrong? Any pointers will be greatly appreciated. Thanks.
I’m only skimming this, but
.*
is a greedy expression so you will want to terminate it with something?
I’m also not sure what you think “$groupname” is but it’s not something Ansible gives you.
switch the quotes. quote the argument string with single quotes to keep the shell from messing with it:
ansible -m lineinfile -a 'dest=/etc/ssh/sshd_config backup=yes backrefs=yes regexp="^(AllowGroups .*)$" line="\\1 $groupname"' -vvv -s -K local
regards,
-ap
And this is not idempotent as it append the contents of the $groupname to the AllowGroups declaration
Not necessarely what you want
Phil
It worked! Thanks.
Admittedly, this is an off-band change to the standard sshd_config
file -- necessary for those one-off tasks to provide temporary SSH
access to certain groups. ("$groupname" is just a placeholder I used;
it will be replaced by the actual group name when invoked. Sorry for
the misunderstanding.)
Thanks again, all!