---
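- name: Clear Service Status Check (auditd & mlocate focus)
  # Per-host, read-only inventory of two things: whether auditd is installed and
  # active, and whether the locate database and its updater timer are present.
  # Each host stores its findings in the fact `node_result`; the last task
  # publishes the combined list on localhost as `service_check_results`.
  #
  # Coverage caveat: a host that is unreachable or fails a task leaves the play
  # and is absent from the results. Absence from the report means "unknown",
  # not "compliant".
  hosts: all
  gather_facts: true
  tasks:
    # Only /usr/lib/systemd/system is inspected; a unit installed elsewhere
    # (for example under /etc/systemd/system) is reported as not found.
    - name: Check if auditd service unit file exists
      stat:
        path: /usr/lib/systemd/system/auditd.service
      register: auditd_unit_file

    # No state/enabled argument is given, so this only queries the unit.
    # failed_when: false keeps the host in the play if the query errors; the
    # analysis task reports 'N/A' when no status was returned.
    - name: Check auditd service status only if unit exists
      systemd:
        name: auditd
      register: auditd_status
      failed_when: false
      when: auditd_unit_file.stat.exists

    - name: Check if mlocate-updatedb.timer exists
      stat:
        path: /usr/lib/systemd/system/mlocate-updatedb.timer
      register: mlocate_timer_file

    - name: Check mlocate updatedb timer status
      systemd:
        name: mlocate-updatedb.timer
      register: mlocate_timer_status
      failed_when: false
      when: mlocate_timer_file.stat.exists

    - name: Check if updatedb.timer exists (alternative)
      stat:
        path: /usr/lib/systemd/system/updatedb.timer
      register: updatedb_timer_file

    # The alternative timer is queried only when the mlocate-specific one is absent.
    - name: Check updatedb timer status
      systemd:
        name: updatedb.timer
      register: updatedb_timer_status
      failed_when: false
      when: updatedb_timer_file.stat.exists and not mlocate_timer_file.stat.exists

    # NOTE(review): the package manager is pinned to rpm. On hosts without rpm
    # this task presumably fails and the host drops out of the report - confirm
    # before running against a mixed fleet.
    - name: Check if mlocate package is installed
      package_facts:
        manager: rpm

    - name: Check locate database paths
      stat:
        path: "{{ item }}"
      register: locate_db_paths
      loop:
        - /var/lib/mlocate/mlocate.db
        - /var/lib/locate/locatedb
        - /var/lib/slocate/slocate.db

    # Fold all registered results into one dictionary per host.
    # auditd.running is derived from ActiveState alone: it says the daemon is
    # up, not that audit rules are loaded or that the unit starts at boot
    # (boot state is reported separately in auditd.enabled).
    - name: Analyze service status
      set_fact:
        node_result:
          hostname: "{{ inventory_hostname }}"
          os_info: "{{ ansible_distribution }} {{ ansible_distribution_version }}"
          auditd:
            service_exists: "{{ auditd_unit_file.stat.exists }}"
            status: >-
              {{ auditd_status.status.ActiveState
              if (auditd_unit_file.stat.exists and auditd_status.status is defined)
              else 'N/A' }}
            enabled: >-
              {{ auditd_status.status.UnitFileState
              if (auditd_unit_file.stat.exists and auditd_status.status is defined)
              else 'N/A' }}
            running: >-
              {{ auditd_status.status.ActiveState == 'active'
              if (auditd_unit_file.stat.exists and auditd_status.status is defined)
              else false }}
          mlocate:
            package_installed: >-
              {{ 'mlocate' in ansible_facts.packages or 'plocate' in ansible_facts.packages }}
            timer_exists: "{{ mlocate_timer_file.stat.exists or updatedb_timer_file.stat.exists }}"
            timer_service: >-
              {{ 'mlocate-updatedb.timer' if mlocate_timer_file.stat.exists
              else ('updatedb.timer' if updatedb_timer_file.stat.exists else 'none') }}
            timer_status: >-
              {{ mlocate_timer_status.status.ActiveState
              if mlocate_timer_status.status is defined
              else (updatedb_timer_status.status.ActiveState
              if updatedb_timer_status.status is defined else 'N/A') }}
            timer_running: >-
              {{ (mlocate_timer_status.status.ActiveState == 'active')
              if mlocate_timer_status.status is defined
              else ((updatedb_timer_status.status.ActiveState == 'active')
              if updatedb_timer_status.status is defined else false) }}
            db_exists: >-
              {{ locate_db_paths.results | selectattr('stat.exists', 'equalto', true)
              | list | length > 0 }}
            db_path: >-
              {{ (locate_db_paths.results | selectattr('stat.exists', 'equalto', true) | first).item
              if locate_db_paths.results | selectattr('stat.exists', 'equalto', true) | list | length > 0
              else 'none' }}
            db_size_mb: >-
              {{ ((locate_db_paths.results | selectattr('stat.exists', 'equalto', true)
              | first).stat.size / 1024 / 1024) | round(2)
              if locate_db_paths.results | selectattr('stat.exists', 'equalto', true) | list | length > 0
              else 0 }}

    - name: Display clear service status
      debug:
        msg: |
          ================================================
          HOST: {{ inventory_hostname }} ({{ ansible_distribution }} {{ ansible_distribution_version }})
          ================================================
          🔍 AUDITD SERVICE ANALYSIS:
          {% if node_result.auditd.service_exists %}
          ✅ Service Definition: FOUND (/usr/lib/systemd/system/auditd.service)
          {% if node_result.auditd.running %}
          ✅ Current Status: ACTIVE AND RUNNING
          {% else %}
          ❌ Current Status: {{ node_result.auditd.status | upper }} (NOT RUNNING)
          {% endif %}
          📋 Boot Status: {{ node_result.auditd.enabled | upper }}
          {% else %}
          ❌ Service Definition: NOT FOUND
          ❌ auditd is NOT INSTALLED on this system
          {% endif %}
          📍 MLOCATE/LOCATE SERVICE ANALYSIS:
          {% if node_result.mlocate.package_installed %}
          ✅ Package: INSTALLED (mlocate or plocate found)
          {% else %}
          ❌ Package: NOT INSTALLED
          {% endif %}
          {% if node_result.mlocate.timer_exists %}
          ✅ Timer Service: FOUND ({{ node_result.mlocate.timer_service }})
          {% if node_result.mlocate.timer_running %}
          ✅ Timer Status: ACTIVE AND RUNNING
          {% else %}
          ❌ Timer Status: {{ node_result.mlocate.timer_status | upper }} (NOT RUNNING)
          {% endif %}
          {% else %}
          ❌ Timer Service: NOT FOUND
          {% endif %}
          {% if node_result.mlocate.db_exists %}
          ✅ Locate Database: FOUND
          📁 Path: {{ node_result.mlocate.db_path }}
          📏 Size: {{ node_result.mlocate.db_size_mb }}MB
          {% else %}
          ❌ Locate Database: NOT FOUND
          {% endif %}
          🎯 SUMMARY:
          {% if node_result.auditd.service_exists and node_result.auditd.running %}
          ✅ auditd: FULLY OPERATIONAL
          {% elif node_result.auditd.service_exists %}
          ⚠️ auditd: INSTALLED BUT NOT RUNNING
          {% else %}
          ❌ auditd: NOT INSTALLED
          {% endif %}
          {% if node_result.mlocate.package_installed and node_result.mlocate.timer_running and node_result.mlocate.db_exists %}
          ✅ mlocate: FULLY OPERATIONAL
          {% elif node_result.mlocate.package_installed %}
          ⚠️ mlocate: INSTALLED BUT NOT FULLY FUNCTIONAL
          {% else %}
          ❌ mlocate: NOT INSTALLED
          {% endif %}

    # Publish the combined results on localhost in a single step.
    # Appending per host ("service_check_results + [node_result]") does not
    # accumulate: with delegate_to the expression is templated with the
    # originating host's variables, where the list is still empty, so every
    # host overwrites localhost's fact with a one-element list and the summary
    # silently covers one node. Building the list once from hostvars avoids
    # that. ansible_play_hosts leaves out failed and unreachable hosts, and
    # select('defined') skips any host that has no node_result.
    - name: Add to results collection
      set_fact:
        service_check_results: >-
          {{ ansible_play_hosts | map('extract', hostvars, 'node_result')
          | select('defined') | list }}
      delegate_to: localhost
      delegate_facts: true
      run_once: true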
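- name: Generate Summary Report
  # Runs on the controller only. Reads `service_check_results` from localhost's
  # facts (a list of per-host result dictionaries), prints fleet-wide totals,
  # writes a CSV and prints remediation hints.
  hosts: localhost
  gather_facts: false
  tasks:
    # Stop with a clear message instead of dividing by zero or printing an
    # empty "no issues" summary when nothing was collected.
    - name: Verify that per-host results were collected
      assert:
        that:
          - service_check_results is defined
          - service_check_results | length > 0
        fail_msg: "No per-host results were collected; refusing to print an empty summary."

    # Values stored by set_fact from a template can come back as strings
    # (depending on the Jinja native-types setting), so every consumer below
    # casts them with `| int` before arithmetic or comparison.
    - name: Calculate statistics
      set_fact:
        total_nodes: "{{ service_check_results | length }}"
        auditd_installed: >-
          {{ service_check_results | selectattr('auditd.service_exists', 'equalto', true)
          | list | length }}
        auditd_running: >-
          {{ service_check_results | selectattr('auditd.running', 'equalto', true)
          | list | length }}
        mlocate_installed: >-
          {{ service_check_results | selectattr('mlocate.package_installed', 'equalto', true)
          | list | length }}
        mlocate_functional: >-
          {{ service_check_results
          | selectattr('mlocate.package_installed', 'equalto', true)
          | selectattr('mlocate.timer_running', 'equalto', true)
          | selectattr('mlocate.db_exists', 'equalto', true)
          | list | length }}

    - name: Display final summary
      debug:
        msg: |
          {% set total = total_nodes | int %}
          {% set aud_installed = auditd_installed | int %}
          {% set aud_running = auditd_running | int %}
          {% set loc_installed = mlocate_installed | int %}
          {% set loc_functional = mlocate_functional | int %}
          ================================================
          📊 OVERALL SUMMARY REPORT
          ================================================
          Total Nodes Analyzed: {{ total }}
          🔍 AUDITD SERVICE:
          ├─ Installed: {{ aud_installed }}/{{ total }} nodes ({{ ((aud_installed / total) * 100) | round(1) }}%)
          ├─ Running: {{ aud_running }}/{{ total }} nodes ({{ ((aud_running / total) * 100) | round(1) }}%)
          └─ Issues: {{ service_check_results | selectattr('auditd.service_exists', 'equalto', false) | map(attribute='hostname') | join(', ') if (total - aud_installed) > 0 else 'None' }}
          📍 MLOCATE SERVICE:
          ├─ Installed: {{ loc_installed }}/{{ total }} nodes ({{ ((loc_installed / total) * 100) | round(1) }}%)
          ├─ Fully Functional: {{ loc_functional }}/{{ total }} nodes ({{ ((loc_functional / total) * 100) | round(1) }}%)
          └─ Issues: {{ service_check_results | selectattr('mlocate.package_installed', 'equalto', false) | map(attribute='hostname') | join(', ') if (total - loc_installed) > 0 else 'None' }}
          {% if aud_running < total %}
          ⚠️ AUDITD ISSUES DETECTED:
          {% for node in service_check_results %}
          {% if not node.auditd.service_exists %}
          ❌ {{ node.hostname }}: auditd NOT INSTALLED
          {% elif not node.auditd.running %}
          ⚠️ {{ node.hostname }}: auditd installed but {{ node.auditd.status }}
          {% endif %}
          {% endfor %}
          {% endif %}
          {% if loc_functional < loc_installed %}
          ⚠️ MLOCATE ISSUES DETECTED:
          {% for node in service_check_results %}
          {% if node.mlocate.package_installed and not (node.mlocate.timer_running and node.mlocate.db_exists) %}
          ⚠️ {{ node.hostname }}: mlocate installed but timer={{ node.mlocate.timer_status }}, db={{ 'exists' if node.mlocate.db_exists else 'missing' }}
          {% endif %}
          {% endfor %}
          {% endif %}

    # The CSV names every host on which audit logging is missing or stopped,
    # so it is written readable by the owner only.
    # NOTE(review): fields are interpolated unquoted, and os_info is built from
    # facts gathered on the managed hosts; a value containing a comma would
    # shift columns. Quote or sanitise the fields if the file is fed to other
    # tools or opened in a spreadsheet.
    - name: Generate clear status report
      copy:
        content: |
          Hostname,OS,auditd_Installed,auditd_Running,auditd_Status,mlocate_Installed,mlocate_Timer_Running,mlocate_DB_Exists,Overall_auditd,Overall_mlocate
          {% for node in service_check_results -%}
          {{ node.hostname }},{{ node.os_info }},{{ node.auditd.service_exists }},{{ node.auditd.running }},{{ node.auditd.status }},{{ node.mlocate.package_installed }},{{ node.mlocate.timer_running }},{{ node.mlocate.db_exists }},{{ 'OK' if node.auditd.running else ('INSTALLED' if node.auditd.service_exists else 'MISSING') }},{{ 'OK' if (node.mlocate.package_installed and node.mlocate.timer_running and node.mlocate.db_exists) else ('PARTIAL' if node.mlocate.package_installed else 'MISSING') }}
          {% endfor %}
        dest: "./clear_service_status.csv"
        mode: "0600"

    - name: Display action recommendations
      debug:
        msg: |
          {% set total = total_nodes | int %}
          {% set aud_installed = auditd_installed | int %}
          {% set aud_running = auditd_running | int %}
          {% set loc_installed = mlocate_installed | int %}
          {% set loc_functional = mlocate_functional | int %}
          ================================================
          🔧 RECOMMENDED ACTIONS
          ================================================
          {% if aud_installed < total %}
          📥 Install auditd on missing nodes:
          sudo yum install audit (RHEL/CentOS)
          {% endif %}
          {% if aud_running < aud_installed %}
          🚀 Start auditd service on inactive nodes:
          sudo systemctl start auditd
          sudo systemctl enable auditd
          {% endif %}
          {% if loc_installed < total %}
          📥 Install mlocate on missing nodes:
          sudo yum install mlocate (RHEL/CentOS)
          {% endif %}
          {% if loc_functional < loc_installed %}
          🚀 Fix mlocate issues:
          sudo systemctl start mlocate-updatedb.timer
          sudo systemctl enable mlocate-updatedb.timer
          sudo updatedb # Manual database update
          {% endif %}
          📄 Detailed report saved: ./clear_service_status.csv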