Do you guys have a good idea what is the best way to determine a group’s id them reuse that in a variable?
For ex:
% getent group monitor
monitor:x:990:polkitd
I need 990, then I have to add a line to /etc/fstab including 990
Thanks!
Hi,
Not tested, but should be closed to what you're looking into :
- getent:
database: group
key: monitor
split: ':'
- debug:
var: getent_group[1]
Regards,
JYL
For example
- getent:
database: group
- debug:
var: getent_group.nobody
gives
getent_group.nobody:
- '*'
- '65534'
Thank you guys, this fixes the first part.
But how do I reuse the output of getent, I tried, the following but didn’t work
-
getent:
database: group -
debug:
var: getent_group.monitor -
name: add line to fstab
lineinfile:
path: /etc/fstab
line: proc /proc proc defaults,hidepid=2,gid={{ var }} 0 0
"The task includes an option with an undefined variable. The error was: ‘var’ is undefined
Use "mount". It will create the entry in fstab
https://docs.ansible.com/ansible/latest/modules/mount_module.html
- getent:
database: group
- debug:
var: getent_group.monitor- name: add line to fstab
lineinfile:
path: /etc/fstab
line: proc /proc proc defaults,hidepid=2,gid={{ var }}
0 0
Set the variable first. "gid" is the second item in the list. For example
- getent:
database: group
- set_fact:
my_gid: "{{ getent_group.monitor.1 }}"
See if this is what you want
- debug:
var: my_gid
Then use this variable to mount procfs. For example
- mount:
path: proc
src: /proc
fstype: proc
opts: "defaults,hidepid=2,gid={{ my_gid }}"
dump: 0
passno: 0
backup: true
state: mounted
(not tested)
It's a good idea to "backup: true" /etc/fstab. Take a look at the parameter
"state" and decide when you want to mount procfs.
Check the playbook first and see what's going to be changed
Thank you, this did it:
-
name: set fact for group
set_fact:
group_id: “{{ getent_group.monitor[1] }}” -
name: Add proc to fstab and mount it
mount:
path: /proc
src: proc
fstype: proc
opts: “defaults,hidepid=2,gid={{ group_id }}”
dump: 0
passno: 0
backup: true
state: mounted