1.用ansible做安全自查,形成报告
--- - hosts: huidu tasks: - name: register shell result to variable shell: ps aux|grep 18086|grep -v 'grep'|wc -l register: host_ps - name: get 18086 count and judge if ok debug: msg: "{{ host_ps['stdout']}}" - name: get ssh version shell: ssh -V register: ssh_version - name: echo ssh -V result debug: msg: "{{ ssh_version['stderr_lines'] }}" - name: judge root login permission shell: cat /etc/ssh/sshd_config|grep -i 'PermitRootLogin'|grep -i yes|wc -l register: root_ssh - name: get ps num into a file template: src=ps.html.j2 dest=/tmp/ps.html
2.jinja2模板
items result ok/nook process num {{ host_ps['stdout']}} {% if "{{host_ps['stdout']}}" ==2 %} ok {% else %} not ok {% endif %} ssh_version {{ ssh_version['stderr_lines']}} 'judge myself' root_ssh {{ root_ssh}} {% if "{{root_ssh['stdout']}}" != '0' %} ok {% else %} not ok {% endif %}
3.形成报告