From ed2814bce6a78288c9427532360db9fccfc73527 Mon Sep 17 00:00:00 2001 From: Nathan Moyer Date: Fri, 12 Jul 2024 08:28:28 -0400 Subject: [PATCH 1/2] Add changed_when line for awk command to allow for idempotency when no results are found. --- .../no_empty_passwords_etc_shadow/ansible/shared.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/ansible/shared.yml index eb6c9b98195..040fe1dd280 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/ansible/shared.yml @@ -8,6 +8,7 @@ command: > awk -F: '!$2 {print $1}' /etc/shadow register: users_nopasswd + changed_when: users_nopasswd.stdout_lines | length > 0 - name: Lock users with no password command: > From 97b87d5215b858924611e9bc1849220193a54dfe Mon Sep 17 00:00:00 2001 From: namoyer10 <48189779+namoyer10@users.noreply.github.com> Date: Wed, 17 Jul 2024 08:25:46 -0400 Subject: [PATCH 2/2] Changed_when to false --- .../no_empty_passwords_etc_shadow/ansible/shared.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/ansible/shared.yml index 040fe1dd280..79abb77db67 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/ansible/shared.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords_etc_shadow/ansible/shared.yml @@ -8,7 +8,7 @@ command: > awk -F: '!$2 {print $1}' /etc/shadow register: users_nopasswd - changed_when: users_nopasswd.stdout_lines | length > 0 + changed_when: false - name: Lock users with no password command: >