exam 9

 It is a recommended practice to apply the security updates on the system in periodic intervals.


Write a playbook /home/thor/playbooks/patch_system.yml to ensure servers listed in /home/thor/playbooks/inventory are up to date with periodic security updates.

In CentOS, ensure the playboook installs and configures the yum-cron package to fit the need.

Confiure the yum-cron config file: /etc/yum/yum-cron.conf as update_cmd = security, to auto-update security packages and ensure yum-cron service is restarted afterwards.






Create patch_system.yml playbook and add below given code
---
- hosts: all
  tasks:
    - package:
        name: yum-cron
        state: present
    - lineinfile:
        path: /etc/yum/yum-cron.conf
        regexp: "^update_cmd"
        line: "update_cmd = security"
    - service:
        name: yum-cron
        state: restarted

Comments

Post a Comment

Popular posts from this blog

exam 16

  Write a playbook  /home/thor/playbooks/install_from_source.yml  to install a tool:  mosh  from the source: https://github.com/mobile-shell/mosh  on all servers inside the inventory  /home/thor/playbooks/inventory . A normal install from source flow is: git clone https://github.com/mobile-shell/mosh cd mosh ./autogen.sh ./configure make && make install To compile mosh from source, you need these dependencies: git make autoconf automake protobuf-devel libutempter-devel ncurses-devel openssl-devel gcc gcc-c++ Create  install_from_source.yml  playbook and add below given code --- - hosts: all tasks: - package: name: " {{ item }} " state: present with_items: - git - make - autoconf - automake - protobuf-devel - libutempter-devel - ncurses-devel - openssl-devel - gcc - gcc-c++ - git: rep...
Read more

ansible 5

Check if  report_status.sh  copied earlier to  web2  remote host is executable or not. If it is not executable, log the message:  File report_status.sh is not executable, making it executable...  in file  /tmp/change.log  on  web2  remote host and make it executable. Develop a playbook   /home/thor/playbooks/make_it_executable.yml   and use the inventory file   /home/thor/playbooks/inventory ====================================================================  --- - hosts: all   gather_facts: no   vars:     remote_dest: /usr/local/bin/report_status.sh   tasks:     - stat:         path: "{{remote_dest}}"       register: file_status     - debug: var=file_status     - shell: echo "File report_status.sh is not exective " > /tmp/change.log       when: file_status.stat.executable == false     - name: Make th...
Read more

practical 3

Help your friend fix this playbook  /home/thor/playbooks/copy_file_only_if.yml . Your firend is trying to copy this script   /home/thor/playbooks/report_status.sh   to   web2   at location   /usr/local/bin/report_status.sh   based on a condition: if variable   copy_file_only_if=true . Problem is: Even though (s)he is passing   True   or   true   the boolean variable set this way is being evaulated as string and the conditional is being skipped as   Conditional result was False Please use the inventory file   /home/thor/playbooks/inventory ==================================================  --- - name: copy script if not present   gather_facts: no   hosts: web2   vars:     remote_dest: /usr/local/bin/report_status.sh   tasks:     - copy:         src: report_status.sh         dest: "{{remote_dest}}"       when: copy_file_...
Read more