I suspect your problem is simply that your shell command's incorrectly
quoted and something like:
ansible.builtin.shell: |
set -o pipefail && awk -F':' '($3<500 && $1!="root" && $1!="sync" &&
$1!="shutdown" && $1!="sync" && $1!="shutdown" && $1!="halt" &&
$7!="/sbin/nologin") { print $1 } ' /etc/passwd
Note the additional quotes.
https://github.com/major/ansible-role-cis/blob/master/tasks/section_07_level1.yml
mostly matches your snippet but uses simpler formatting/quoting as an
example.
https://github.com/major/ansible-role-cis appears to be deprecated, as does
https://github.com/major/cis-rhel-ansible
It might also be worth including:
1. What target operating system release(s) you're targeting and
2. What versions of upstream CIS roles you're using.
On Tue, 21 Mar 2023 at 11:52, [email protected] <[email protected]> wrote:
> We have a role that implements the CIS benchmarks on our systems. When we
> get to the following play, we get the error described below:
>
> - name: Disable System Accounts - preparation
> ansible.builtin.shell: |
> set -o pipefail && awk -F':' \|
> ($3<500 && $1!="root" && $1!="sync" && $1!="shutdown" && $1!="sync" &&
> $1!="shutdown" && $1!="halt" && $7!="/sbin/nologin") { print $1 }
> /etc/passwd
> register: enabled_system_accounts
> changed_when: false
>
> Error:
>
> awk: cmd. line:1: |
> awk: cmd. line:1: ^ syntax error
> /bin/sh: -c: line 1: syntax error near unexpected token `{'
> /bin/sh: -c: line 1: `($3<500 && $1!="root" && $1!="sync" &&
> $1!="shutdown" && $1!="sync" && $1!="shutdown" && $1!="halt" &&
> $7!="/sbin/nologin") { print $1 } /etc/passwd'
>
> Any ideas?
>
> Thanks,
> Harry
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/eeb341e7-e45a-4a3e-b1dd-77471c4d9706n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/eeb341e7-e45a-4a3e-b1dd-77471c4d9706n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAKtKohTcYy-8V2nxXrVOkF03Ts772MDZPCVHCxgmj95JxE9tdg%40mail.gmail.com.
