Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem with os_always_ignore_users --> template error while templating string: no test named 'in' #785

Open
tsmalmbe opened this issue Aug 8, 2024 · 1 comment
Open

Problem with os_always_ignore_users --> template error while templating string: no test named 'in' #785

tsmalmbe opened this issue Aug 8, 2024 · 1 comment
Labels
bug

Comments

@tsmalmbe
Copy link

tsmalmbe commented Aug 8, 2024
edited by rndmh3ro
Loading

Description

I have installed latest ansible. I am running Python 2.7. Ansible is installed using pip.

This is my playbook:

- hosts: newhardenings
  become: true
  gather_facts: true
  collections:
    - devsec.hardening
  roles: # Custom vars specified in src/main/resources/ansible/inventory/group_vars/all/global_vars.yml
    - role: os_hardening
    - role: ssh_hardening

I am moving from the "old roles" currently and was expecting the change to the new collection "plug and play". I am most likely doing something very stupidly wrong here.

Reproduction steps

This is how I run the playbook:

ansible-playbook --vault-id secrets@vault --ask-become-pass -i production server-hardening-latest.yml

Current Behavior

TASK [devsec.hardening.os_hardening : Extract system accounts from local user database] ********************************************************************************************
fatal: [servername.our.domain]: FAILED! => {"msg": "The conditional check 'item is not in os_always_ignore_users' failed. The error was: template error while templating string: no test named 'in'. String: {% if item is not in os_always_ignore_users %} True {% else %} False {% endif %}\n\nThe error appears to be in '/home/ansible/.ansible/collections/ansible_collections/devsec/hardening/roles/os_hardening/tasks/user_accounts.yml': line 14, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Extract system accounts from local user database\n  ^ here\n"}

Expected Behavior

I expect this to work. I do not know what else to expect.

OS / Environment

Provide all relevant information below, e.g. target OS versions, network device firmware, etc.
Centos 7

Ansible Version

ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/ansible/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /bin/ansible
  python version = 2.7.5 (default, Nov 14 2023, 16:14:06) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]

Collection Version

Latest, just installed.
@tsmalmbe tsmalmbe added the bug label Aug 8, 2024
@rndmh3ro
Copy link
Member

rndmh3ro commented Aug 8, 2024

I am moving from the "old roles" currently and was expecting the change to the new collection "plug and play".

There were significant changes since the old roles where deprecated.

But I guess your problem is that you're using old, unsupported versions of basically anything. Centos 7 is unsupported, Python 2.7 is unsupported, Ansible 2.9 is unsupported. Try upgrading these, then it should work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rndmh3ro @tsmalmbe