devsec.hardening.mysql_hardening - Get all users that have no authentication_string - Hello world #640

Closed
@sbourdette

Description

Playbook fails when there are no users without password or authentication_string:

    TASK [devsec.hardening.mysql_hardening : Create a fact for users without password or authentication_string users_wo_auth={{ mysql_users_wo_passwords_or_auth_string.query_result.0.0 | community.general.json_query('users') }}] *********************
    Thursday 23 February 2023  12:42:57 +0100 (0:00:00.103)       0:00:22.887 *****
    An exception occurred during task execution. To see the full traceback, use -vvv. The error was: AttributeError: module 'jmespath' has no attribute 'functions'
    fatal: [centreonnew.xxx.int]: FAILED! => changed=false

Reproduction steps

When debugging, the query for retrieving "users without password or authentication_string users_wo_auth" returns NULL, and it seems that Python or Ansible interprets it as "Hello world!"

Debugging playbook:

    - name: Get all users that have no authentication_string on MySQL version >= 5.7.6 or Mariadb version >= 10.4.0
      community.mysql.mysql_query:
        query: >
          SELECT GROUP_CONCAT(QUOTE(USER), '@', QUOTE(HOST) SEPARATOR ', ') AS users
          FROM mysql.user
          WHERE (length(authentication_string)=0
             OR authentication_string="")
            AND USER NOT IN ('mysql.sys',
                         'mysqlxsys',
                         'mariadb.sys');

        login_unix_socket: "{{ login_unix_socket | default(omit) }}"
      register: mysql_users_wo_passwords_or_auth_string

    - name: debug
      debug:
        msg:"{{ mysql_users_wo_passwords_or_auth_string }}"

Result:

    TASK [Get all users that have no authentication_string on MySQL version >= 5.7.6 or Mariadb version >= 10.4.0 query=SELECT GROUP_CONCAT(QUOTE(USER), '@', QUOTE(HOST) SEPARATOR ', ') AS users FROM mysql.user WHERE (length(authentication_string)=0
       OR authentication_string="")
      AND USER NOT IN ('mysql.sys',
                   'mysqlxsys',
                   'mariadb.sys');
    , login_unix_socket={{ login_unix_socket | default(omit) }}] ***
    Thursday 23 February 2023  12:46:10 +0100 (0:00:00.103)       0:00:01.766 *****
    ok: [centreonnew.xxx.int]

    TASK [debug _variable_params=msg:"{{ mysql_users_wo_passwords_or_auth_string }}"] ********************************************************************************************************************************************************************
    Thursday 23 February 2023  12:46:11 +0100 (0:00:00.697)       0:00:02.464 *****
    ok: [centreonnew.xxx.int] =>
      msg: Hello world!

Direct query in MySQL:

    Welcome to the MariaDB monitor.  Commands end with ; or \g.
    Your MariaDB connection id is 99
    Server version: 10.5.19-MariaDB-1:10.5.19+maria~deb11 mariadb.org binary distribution

    Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

    MariaDB [(none)]> SELECT GROUP_CONCAT(QUOTE(USER), '@', QUOTE(HOST) SEPARATOR ', ') AS users FROM mysql.user WHERE (length(authentication_string)=0
        ->    OR authentication_string="")
        ->   AND USER NOT IN ('mysql.sys',
        ->                'mysqlxsys',
        ->                'mariadb.sys');
    +-------+
    | users |
    +-------+
    | NULL  |
    +-------+
    1 row in set (0.002 sec)

    MariaDB [(none)]>

Current Behavior

Expected Behavior

No error in execution

OS / Environment

Ansible server: Ubuntu 22.04

Node: Debian 11

Ansible Version

    ansible [core 2.14.2]
      config file = /etc/ansible/ansible.cfg
      configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
      ansible python module location = /usr/lib/python3/dist-packages/ansible
      ansible collection location = /home/ansible/.ansible/collections:/usr/share/ansible/collections
      executable location = /usr/bin/ansible
      python version = 3.10.6 (main, Nov 14 2022, 16:10:14) [GCC 11.3.0] (/usr/bin/python3)
      jinja version = 3.0.3
      libyaml = True

Collection Version

    # /home/ansible/.ansible/collections/ansible_collections
    Collection        Version
    ----------------- -------
    ansible.posix     1.4.0
    community.crypto  2.9.0
    community.general 5.5.0
    community.mongodb 1.4.1
    community.mysql   3.3.0
    devsec.hardening  8.6.0

Additional information

No response
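
An added example, not part of the original issue and not code from the devsec.hardening role: a Python sketch that turns the `users` column of the query above into a list of accounts, treating the SQL NULL seen in the direct query as "no accounts without an authentication string". The function name, the constructed sample inputs, and the `[[{"users": ...}]]` shape of `query_result` (inferred from the role's `.query_result.0.0` access) are assumptions.

```python
import re

# One QUOTE()d literal: single-quoted; QUOTE() backslash-escapes ', \, NUL and Ctrl-Z.
_QUOTED = r"'((?:[^'\\]|\\.)*)'"
_ACCOUNT = re.compile(_QUOTED + "@" + _QUOTED, re.S)
_UNESCAPE = {"0": "\0", "Z": "\x1a"}


def _unquote(text):
    """Undo QUOTE() escaping inside one literal."""
    return re.sub(r"\\(.)", lambda m: _UNESCAPE.get(m.group(1), m.group(1)),
                  text, flags=re.S)


def accounts_without_auth(query_result):
    """Return [(user, host), ...] for the GROUP_CONCAT query in this issue.

    Assumed shape (taken from the role's `.query_result.0.0` access):
    [[{"users": <str or None>}]]
    """
    try:
        users = query_result[0][0]["users"]
    except (IndexError, KeyError, TypeError) as exc:
        raise ValueError("unexpected query_result shape") from exc
    if users is None:
        # GROUP_CONCAT over zero rows is SQL NULL: no offending accounts.
        return []
    accounts, pos = [], 0
    while True:
        match = _ACCOUNT.match(users, pos)
        if match is None:
            # A list cut mid-value by group_concat_max_len also lands here.
            raise ValueError(f"malformed or truncated list at offset {pos}")
        accounts.append((_unquote(match.group(1)), _unquote(match.group(2))))
        pos = match.end()
        if pos == len(users):
            return accounts
        if not users.startswith(", ", pos):
            raise ValueError(f"unexpected separator at offset {pos}")
        pos += 2


# Constructed sample inputs, not output from the reporter's server.
EMPTY = [[{"users": None}]]
FOUND = [[{"users": "'root'@'localhost', 'o\\'brien'@'%', ''@'db1'"}]]

if __name__ == "__main__":
    print(accounts_without_auth(EMPTY))
    print(accounts_without_auth(FOUND))
```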
