Shi*_*r G 5 linux shell openssh ansible
我正在尝试制作可以sshd_config正确处理的 ansible 任务。我从其他问题中找到了类似的正则表达式,但它们什么也没做。
name: Disable SSH password authentication
become: true
lineinfile:
dest: /etc/ssh/sshd_config
regexp: '^#?\s*PasswordAuthentication\s'
line: 'PasswordAuthentication no'
state: present
问题是它应该处理重复的通道和注释。例如:
PasswordAuthentication no
PasswordAuthentication yes
或者
PasswordAuthentication no
PasswordAuthentication no
或者
PasswordAuthentication yes
PasswordAuthentication yes
或者
PasswordAuthentication no
#PasswordAuthentication no
或者
PasswordAuthentication no
# PasswordAuthentication no
或者
# PasswordAuthentication no
# PasswordAuthentication no
等等这么多的组合。但我只想有一个未注释的行PasswordAuthentication no
这可能吗?
问:“处理重复行以及注释......有单个未注释行PasswordAuthentication no”
A:给定文件列表
my_files:
- sshd_config.0
- sshd_config.1
- sshd_config.2
- sshd_config.3
- sshd_config.4
- sshd_config.5
和内容
shell> for f in files-17/*; do printf "\n%s\n" $f; cat $f; done
files-17/sshd_config.0
PasswordAuthentication no
PasswordAuthentication yes
files-17/sshd_config.1
PasswordAuthentication no
PasswordAuthentication no
files-17/sshd_config.2
PasswordAuthentication yes
PasswordAuthentication yes
files-17/sshd_config.3
PasswordAuthentication no
#PasswordAuthentication no
files-17/sshd_config.4
PasswordAuthentication no
# PasswordAuthentication no
files-17/sshd_config.5
# PasswordAuthentication no
# PasswordAuthentication no
下面的任务删除除第一行之外的所有内容,其中包括PasswordAuthentication
- replace:
path: 'files-17/{{ item }}'
after: 'PasswordAuthentication'
regexp: '^(.*)PasswordAuthentication(.*)$'
replace: ''
loop: "{{ my_files }}"
给出
shell> for f in files-17/*; do printf "\n%s\n" $f; cat $f; done
files-17/sshd_config.0
PasswordAuthentication no
files-17/sshd_config.1
PasswordAuthentication no
files-17/sshd_config.2
PasswordAuthentication yes
files-17/sshd_config.3
PasswordAuthentication no
files-17/sshd_config.4
PasswordAuthentication no
files-17/sshd_config.5
# PasswordAuthentication no
下一个任务将这些行替换为PasswordAuthentication no
- lineinfile:
path: 'files-17/{{ item }}'
regexp: '^(.*)PasswordAuthentication(.*)$'
line: 'PasswordAuthentication no'
loop: "{{ my_files }}"
给出
shell> for f in files-17/*; do printf "\n%s\n" $f; cat $f; done
files-17/sshd_config.0
PasswordAuthentication no
files-17/sshd_config.1
PasswordAuthentication no
files-17/sshd_config.2
PasswordAuthentication no
files-17/sshd_config.3
PasswordAuthentication no
files-17/sshd_config.4
PasswordAuthentication no
files-17/sshd_config.5
PasswordAuthentication no
任务的顺序是幂等的。
| 归档时间: |
|
| 查看次数: |
10213 次 |
| 最近记录: |