---
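# Look up the rootless user in the passwd database and keep the result for the
# assert below. getent fails the task itself on a missing key unless fail_key
# is disabled, which would hide the assert's clearer message, so it is turned
# off here and the existence decision is made in one place.
- name: Podman Host | AUDIT | Gather rootless user facts
  ansible.builtin.getent:
    database: passwd
    key: "{{ _podman_host_rootless_user }}"
    fail_key: false
  register: _podman_host_rootless_user_facts

# With fail_key disabled, a missing user can still appear as a key whose value
# is null, so key membership alone is not a reliable test. Check the value.
- name: Podman Host | AUDIT | Ensure the rootless user exists
  ansible.builtin.assert:
    that:
      - _podman_host_rootless_user_facts.ansible_facts.getent_passwd.get(_podman_host_rootless_user) is not none
    fail_msg: "User '{{ _podman_host_rootless_user }}' does not exist on this host."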
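# Read-only audit: query the subordinate UID ranges of the rootless user.
# argv hands the user name to getsubids as exactly one argument, so a value
# containing whitespace cannot be split into additional arguments.
# NOTE(review): the check relies on getsubids returning non-zero when no range
# is defined; confirm that for the shadow-utils version on the target hosts.
- name: Podman Host | AUDIT | Ensure the rootless user has subuids defined
  ansible.builtin.command:
    argv:
      - getsubids
      - "{{ _podman_host_rootless_user }}"
  changed_when: false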
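# Read-only audit: query the subordinate GID ranges (-g) of the rootless user.
# argv hands the user name to getsubids as exactly one argument, so a value
# containing whitespace cannot be split into additional arguments.
# NOTE(review): the check relies on getsubids returning non-zero when no range
# is defined; confirm that for the shadow-utils version on the target hosts.
- name: Podman Host | AUDIT | Ensure the rootless user has subgids defined
  ansible.builtin.command:
    argv:
      - getsubids
      - "-g"
      - "{{ _podman_host_rootless_user }}"
  changed_when: false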