Hello I provision my servers using ansible, but sometimes developers will log into a server and do adhoc things. Changes that happen on things that have been provisioned by ansible (e.g templated files, changes on configs using ini_file etc) can quickly be spotted by running the playbook using --diff --check But what about all other "ansible untracked" changes?
For example: - someone adds a crontab entry - someone alters something in /etc/hosts which is not provisioned by ansible - someone installs a package which does not appear at all in my playbooks I understand that ansible cannot easily solve this unless I write a million rules to catch all such cases. So, what would a sensible approach to solving this be (apart from denying server access to those people)? thanks -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/fbc15fe1-9cb4-4b20-a64b-b571d595df2e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
