Skip to content

Instantly share code, notes, and snippets.

@jwkenney

jwkenney/groups.fact

Last active December 23, 2021 17:22
Show Gist options
  • Save jwkenney/7378c96c20d989d40cbacba879557530 to your computer and use it in GitHub Desktop.
Save jwkenney/7378c96c20d989d40cbacba879557530 to your computer and use it in GitHub Desktop.
Download ZIP
Custom Ansible fact for local Linux groups
Raw
groups.fact
#!/usr/bin/env bash
# Requires Bash v4+
# Gather Ansible facts for local Linux groups defined in /etc/group
# Place this under /etc/ansible/facts.d/ on your remote hosts,
# and make it executable. Ansible will save group info under the 'ansible_local' fact,
# whenever a playbook gathers facts.
readarray -t the_groups < <(getent group)
let "lastitem = ${#the_groups[@]} - 1"
echo "{"
for index in "${!the_groups[@]}"; do
IFS=: read -r groupname grouppw gid members <<< "${the_groups[$index]}"
IFS=',' read -ra MEMBER_ARRAY <<< "${members}"
member_list_str=""
for i in "${MEMBER_ARRAY[@]}"; do
[ -z "${member_list_str}" ] && member_list_str="\"${i}\"" || member_list_str="${member_list_str}, \"${i}\""
done
[ ${index} -eq ${lastitem} ] && delim='' || delim=','
cat <<- EOF
"${groupname}": {
"name": "${groupname}",
"gid": ${gid},
"members": [${member_list_str}]
}${delim}
EOF
done
echo "}"
@jwkenney
Copy link
Author

jwkenney commented Dec 10, 2021
edited
Loading

This is an example of a custom/local Ansible fact for local Linux groups on a node.

Requirements:

  • Bash v4+
  • Tested on RHEL 7/8, Ubuntu 20.04

Usage:

  1. Create folder /etc/ansible/facts.d/ on all of your remote Linux nodes, and copy the file in as groups.fact
  2. Make the file executable with: chmod +x /etc/ansible/facts.d/groups.fact
  3. To test from the remote node: log into the node with the same credentials Ansible uses, and execute the file like any bash script
  4. To test from your Ansible controller, run the following command (including the comma): ansible -i your_host, -m setup your_host
  5. You should see the facts populate under ansible_local.groups for the node.

Data for groups should look like below:

    "sys": {
      "name": "sys",
      "gid": 3,
      "members": []
    },
    "adm": {
      "name": "adm",
      "gid": 4,
      "members": ["syslog", "joeshmoe"]
    },
    "tty": {
      "name": "tty",
      "gid": 5,
      "members": ["syslog"]
    },

Troubleshooting:

  • The script throws errors when executed.
    • Ensure your OS has Bash v4 or higher available. bash --version
  • The facts do not appear for the node(s) when I run a playbook.
    • The data should appear under the ansible_local.users fact.
    • Ensure that the file has been copied to each node, the file is executable, and that Ansible's connecting user has permissions to execute it. chmod +x /etc/ansible/facts.d/groups.fact

Alternatives:

The official getent module included with Ansible, allows you to quickly parse the various databases for users, groups, etc. into a set of facts as well. The resulting facts are very basic, with each entry split into an array of values. You will need to know which values correspond to what settings for a given database.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment