• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

How to resolve 'dict object' has no attribute 'files' error in Ansible playbook?

 
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm working on an Ansible playbook to set permissions for initialization files in user home directories to meet STIG requirements. However, I'm running into an issue with the 'Correct file permissions' task, where I get the following error:

fatal: [SERVER_NAME]: FAILED! => { "msg": "The conditional check 'init_files.results | map(attribute='files') | flatten | length > 0' failed. The error was: Could not load \"length\": 'length'\n line 0\n\nThe error appears to be in '/home/path/to/playbook/tasks/playbook name.yml': line 21, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: Correct file permissions\n ^ here\n" }  

Here's the snippet of the playbook causing the issue:

- name: Set permissions for initialization files in user home directories

find:  

paths: "/home/{{ item }}"

patterns: ".*"  

file_type: file  

hidden: yes  

register: init_files  

loop: "{{ users.stdout_lines }}"  

- name: Correct file permissions

file:

path: "{{ item.path }}"

mode: '0740'  

loop: "{{ init_files.results | map(attribute='files') | flatten }}"  

when: init_files.results | map(attribute='files') | flatten | length > 0  

The task before 'Correct file permissions' is supposed to find all hidden files within the user's home directory and register the results. I expected to loop over these results to correct file permissions but it seems like the init_files variable is not structured as anticipated. I've attempted to debug with a var output, but the issue persists.

Can someone help me understand why the init_files variable isn't structured with a files attribute as the find module documentation suggests, or point out what I might be doing wrong?

   Here is what I have tried: Checked for invisible characters or issues with line endings using :set list in vi.

   Ensured that the indentation is consistent throughout the playbook.

   Replaced select('length') | list | length with flatten | length in the when conditional.

   Verified the Ansible and Jinja2 documentation for the correct syntax and usage of filters and conditionals.

Stig: Check Text: Verify that all local initialization files have a mode of "0740" or less permissive with the following command:

Note: The example will be for the "smithj" user, who has a home directory of "/home/smithj".

$ sudo ls -al /home/smithj/.[^.]* | more

-rw-------. 1 smithj users 2984 Apr 27 19:02 .bash_history

-rw-r--r--. 1 smithj users 18 Aug 21 2019 .bash_logout

-rw-r--r--. 1 smithj users 193 Aug 21 2019 .bash_profile

If any local initialization files have a mode more permissive than "0740", this is a finding.

Any help or resources for troubleshooting this playbook would be greatly appreciated.
 
Bartender
Posts: 224
7
Android Python Oracle Postgres Database Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
First of all I think YAML code should be formatted. Otherwise it's nearly unreadable. I noticed your question already some days ago but found an answer only after copy&pasting the code to an editor supporting YAML.

The SW running the Coderanch site does not support YAML but formatting as text makes the it already easy to understand and preserves whitespace.

My findings are:
In task "Set permissions for initialization files in user home directories"  the register directive must be after the loop. Otherwise Ansible thinks its should be a parameter of find

The task "Correct file permissions" then works with or without the when condition. The when can be omitted. In case there are no matched files the action indie the loop is simply not carried out.




My test dir '{{ SLASH_HOME}}' after test run. permisions of the .a files that are directly under their home dir are changed, but other files not.

 
Saloon Keeper
Posts: 28321
210
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
When in doubt, use Code Tags for formatted text. It will at least preserve formatting, even if the language in question is not supported. And PLEASE don't double-space!

I have found that conditional expressions can fail in ansible if you're invoking functionality that may not always produce results. That appears to be the case here, where the results of "init_files.results | map(attribute='files') | flatten" must be returning no data rather than an empty collection (which would have a length of 0 for that case).

The only cure for that is to make tests that won't fail and that can be a bit of trial-and-error if you cannot find good documentation.

Offhand, I'd omit the "when" clause here, since iterating over nothing does nothing.
 
My favorite is a chocolate cupcake with white frosting and tiny ad sprinkles.
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic