jumpserver/apps/accounts/automations/gather_account/host/posix/main.yml

- hosts: demo
  gather_facts: no
  tasks:
    - name: Get users
      ansible.builtin.shell:
        cmd: >
          getent passwd | awk -F: '$7 !~ /(false|nologin|true|sync)$/' | grep -v '^$' | awk -F":" '{ print $1 }'
      register: users

    - name: Gather posix account last login
      ansible.builtin.shell: |
        for user in {{ users.stdout_lines | join(" ") }}; do
          last -i --time-format iso -n 1 ${user}  | awk '{ print $1,$3,$4, $NF }' | head -1 | grep -v ^$
        done
      register: last_login

    - name: Get user password change date and expiry
      ansible.builtin.shell: |
        for user in {{ users.stdout_lines | join(" ") }}; do
          k=$(getent shadow $user | awk -F: '{ print $3, $5 }')
          echo "$user:$k"
        done
      register: passwd_date

    - name: Get user groups
      ansible.builtin.shell: |
        for user in {{ users.stdout_lines | join(" ") }}; do
          echo "$(groups $user)" | sed 's@ : @:@g'
        done
      register: user_groups

    - name: Get sudoers
      ansible.builtin.shell: |
        for user in {{ users.stdout_lines | join(" ") }}; do
          echo "$user: $(grep "^$user " /etc/sudoers | tr '\n' ';' || echo '')"
        done
      register: user_sudo

    - name: Get authorized keys
      ansible.builtin.shell: |
        for user in {{ users.stdout_lines | join(" ") }}; do
          home=$(getent passwd $user | cut -d: -f6)
          echo -n "$user:"
          if [[ -f ${home}/.ssh/authorized_keys ]]; then
            cat ${home}/.ssh/authorized_keys | tr '\n' ';'
          fi
          echo
        done
      register: user_authorized

    - set_fact:
        info:
          users: "{{ users.stdout_lines }}"
          last_login: "{{ last_login.stdout_lines }}"
          user_groups: "{{ user_groups.stdout_lines }}"
          user_sudo: "{{ user_sudo.stdout_lines }}"
          user_authorized: "{{ user_authorized.stdout_lines }}"
          passwd_date: "{{ passwd_date.stdout_lines }}"

    - debug:
        var: info
perf: gather accounts 2022-10-27 10:53:10 +00:00			`- hosts: demo`
			`gather_facts: no`
			`tasks:`
perf: update filter 2024-10-30 08:10:46 +00:00			`- name: Get users`
perf: automations push ping verify 2022-10-28 10:28:41 +00:00			`ansible.builtin.shell:`
			`cmd: >`
perf: 更新风险发现 2024-11-11 03:12:10 +00:00			`getent passwd \| awk -F: '$7 !~ /(false\|nologin\|true\|sync)$/' \| grep -v '^$' \| awk -F":" '{ print $1 }'`
perf: update filter 2024-10-30 08:10:46 +00:00			`register: users`

perf: 更新风险发现 2024-11-11 03:12:10 +00:00			`- name: Gather posix account last login`
perf: update filter 2024-10-30 08:10:46 +00:00			`ansible.builtin.shell: \|`
			`for user in {{ users.stdout_lines \| join(" ") }}; do`
perf: 更新风险发现 2024-11-11 03:12:10 +00:00			`last -i --time-format iso -n 1 ${user} \| awk '{ print $1,$3,$4, $NF }' \| head -1 \| grep -v ^$`
perf: update filter 2024-10-30 08:10:46 +00:00			`done`
			`register: last_login`

perf: 更新风险发现 2024-11-11 03:12:10 +00:00			`- name: Get user password change date and expiry`
			`ansible.builtin.shell: \|`
			`for user in {{ users.stdout_lines \| join(" ") }}; do`
			`k=$(getent shadow $user \| awk -F: '{ print $3, $5 }')`
			`echo "$user:$k"`
			`done`
			`register: passwd_date`

perf: update filter 2024-10-30 08:10:46 +00:00			`- name: Get user groups`
			`ansible.builtin.shell: \|`
			`for user in {{ users.stdout_lines \| join(" ") }}; do`
perf: 更新风险发现 2024-11-11 03:12:10 +00:00			`echo "$(groups $user)" \| sed 's@ : @:@g'`
perf: update filter 2024-10-30 08:10:46 +00:00			`done`
			`register: user_groups`

perf: update gathered account 2024-10-31 09:03:23 +00:00			`- name: Get sudoers`
perf: update filter 2024-10-30 08:10:46 +00:00			`ansible.builtin.shell: \|`
			`for user in {{ users.stdout_lines \| join(" ") }}; do`
			`echo "$user: $(grep "^$user " /etc/sudoers \| tr '\n' ';' \|\| echo '')"`
			`done`
			`register: user_sudo`

			`- name: Get authorized keys`
			`ansible.builtin.shell: \|`
			`for user in {{ users.stdout_lines \| join(" ") }}; do`
			`home=$(getent passwd $user \| cut -d: -f6)`
			`echo -n "$user:"`
			`if [[ -f ${home}/.ssh/authorized_keys ]]; then`
			`cat ${home}/.ssh/authorized_keys \| tr '\n' ';'`
			`fi`
perf: 更新风险发现 2024-11-11 03:12:10 +00:00			`echo`
perf: update filter 2024-10-30 08:10:46 +00:00			`done`
			`register: user_authorized`

perf: update gathered account 2024-10-31 09:03:23 +00:00			`- set_fact:`
perf: update pam 2024-11-12 08:00:41 +00:00			`info:`
			`users: "{{ users.stdout_lines }}"`
			`last_login: "{{ last_login.stdout_lines }}"`
			`user_groups: "{{ user_groups.stdout_lines }}"`
			`user_sudo: "{{ user_sudo.stdout_lines }}"`
			`user_authorized: "{{ user_authorized.stdout_lines }}"`
			`passwd_date: "{{ passwd_date.stdout_lines }}"`
perf: update filter 2024-10-30 08:10:46 +00:00
perf: update gathered account 2024-10-31 09:03:23 +00:00			`- debug:`
perf: update pam 2024-11-12 08:00:41 +00:00			`var: info`