Ansible playbook permissions

Okay, here’s an even shorter version that loads the list of files and directories from a file.

The grep in the first task skips blank lines and lines where the first non-space character is a pound sign (#), so you can put in comments and some white-space to help manage the file.

There’s a commented-out one-line quick-n-dirty debug task in case you want to see how the registered output from the stat module is structured.

This version dispenses with the set_fact steps, instead looping over paths_stats filtered to include just the directory names or file names relevant to your target host.

Change the value of “paths_to_fix_filename” to point to your file of file and directory names. You might want to experiment with a very small subset of files – five or six maybe – on a very small subset of target hosts (1?) until you’re comfortable with what it’s doing.

The biggest question in the “what it’s doing” category is about the “recurse: true” on the “Fix mode of existing directories” task. That’s a mighty big hammer for a guy with only two thumbs, so be careful.

```yaml
---
# file-mode-fix.yml
- name: File mode parameter
  hosts: localhost  # ← Use whatever is appropriate here
  gather_facts: false
  vars:
    paths_to_fix_filename: file-mode-fix-interesting_files.txt

  tasks:
    - name: Load interesting_files
      ansible.builtin.command:
        grep -v -E '^ *(#.*)?$' "{{ paths_to_fix_filename }}"
      changed_when: false
      register: paths_to_fix

    - name: Stat paths_to_fix
      ansible.builtin.stat:
        path: '{{ item }}'
      loop: '{{ paths_to_fix.stdout_lines }}'
      register: paths_stats

#   - debug: msg='{{ paths_stats }}'

    - name: Fix mode of existing directories
      ansible.builtin.file:
        path: '{{ item }}'
        mode: 'o-rwx' # or however you want to change directory modes
        state: directory
        recurse: true  # or false if you don't want to do this to all sub-directories
      loop: '{{ paths_stats.results
                | selectattr("stat.exists")
                | selectattr("stat.isdir")
                | map(attribute="stat.path") }}'

    - name: Fix mode of existing files
      ansible.builtin.file:
        path: '{{ item }}'
        mode: 'o-rwx' # or however you want to change file modes
        state: file
      loop: '{{ paths_stats.results
                | selectattr("stat.exists")
                | selectattr("stat.isreg")
                | map(attribute="stat.path") }}'
```
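A read-only preview of what the playbook above would change, as an added example that is not part of the original post: it applies the same blank/comment-line filter as the grep task and lists every path whose mode `o-rwx` would alter, with or without recursion. The function names, the constructed sample tree and the choice to leave symlinks alone are assumptions of this example.

```python
import os, re, stat, tempfile

# Same filter as the playbook's grep -v -E: drop blank and '#' comment lines.
SKIP = re.compile(r"^ *(#.*)?$")

def load_paths(list_file):
    with open(list_file) as fh:
        lines = [ln.rstrip("\n") for ln in fh]
    return [ln for ln in lines if not SKIP.match(ln)]

def preview(list_file, recurse=True):
    """Map each path that mode 'o-rwx' would change to (old, new) octal modes."""
    changes = {}

    def check(path):
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):      # assumption: symlinks are left alone
            return
        old = stat.S_IMODE(st.st_mode)
        new = old & ~stat.S_IRWXO         # clear the "other" rwx bits
        if new != old:
            changes[path] = (oct(old), oct(new))

    for path in load_paths(list_file):
        try:
            st = os.lstat(path)
        except FileNotFoundError:         # the playbook also skips missing paths
            continue
        if stat.S_ISREG(st.st_mode):
            check(path)
        elif stat.S_ISDIR(st.st_mode):
            check(path)
            if recurse:                   # mirrors "recurse: true"
                for root, dirs, files in os.walk(path):
                    for name in dirs + files:
                        check(os.path.join(root, name))
    return changes

def demo():
    """Constructed sample tree and list file, built in a temp directory."""
    base = tempfile.mkdtemp()
    d, f, inner = (os.path.join(base, n) for n in ("conf.d", "app.key", "conf.d/site.conf"))
    os.mkdir(d); open(f, "w").close(); open(inner, "w").close()
    os.chmod(d, 0o755); os.chmod(f, 0o640); os.chmod(inner, 0o644)
    listing = os.path.join(base, "paths.txt")
    with open(listing, "w") as fh:
        fh.write(f"# constructed list\n\n{d}\n   # indented comment\n{f}\n{base}/missing\n")
    return base, listing

if __name__ == "__main__":
    for path, (old, new) in sorted(preview(demo()[1]).items()):
        print(f"{old} -> {new}  {path}")
```

Comparing the output of `preview(..., recurse=True)` with `recurse=False` on a real list shows how many extra paths the recursive task would touch before it runs.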