--- - name: Fetch fstab content command: "grep -v '^#' /etc/fstab" check_mode: false register: fstab_content failed_when: false changed_when: false tags: - fstab - name: / partition is customized - softdep replace: dest: /etc/fstab regexp: '(\s+/\s+\S+\s+rw)(.*)' replace: '\1,softdep\2' when: - fstab_content.stdout | regex_search('\s/\s') - not (fstab_content.stdout | regex_search('\s+/\s+\S+\s+rw,softdep')) tags: - fstab - name: /var partition is customized - softdep replace: dest: /etc/fstab regexp: '(\s+/var\s+\S+\s+rw)(.*)' replace: '\1,softdep\2' when: - fstab_content.stdout | regex_search('\s/var\s') - not (fstab_content.stdout | regex_search('\s+/var\s+\S+\s+rw,softdep')) tags: - fstab - name: /usr partition is customized - softdep replace: dest: /etc/fstab regexp: '(\s+/usr\s+\S+\s+rw)(.*)' replace: '\1,softdep\2' when: - fstab_content.stdout | regex_search('\s/usr\s') - not (fstab_content.stdout | regex_search('\s+/usr\s+\S+\s+rw,softdep')) tags: - fstab - name: /tmp partition is customized - noexec replace: dest: /etc/fstab regexp: '(\s+/tmp\s+\S+\s+rw(,softdep)*)(.*)' replace: '\1,noexec\3' when: - fstab_content.stdout | regex_search('\s/tmp\s') - not (fstab_content.stdout | regex_search('\s+/tmp\s+\S+\s+rw,(softdep,)*noexec')) tags: - fstab - name: /tmp partition is customized - softdep replace: dest: /etc/fstab regexp: '(\s+/tmp\s+\S+\s+rw)(.*)' replace: '\1,softdep\2' notify: remount /tmp when: - fstab_content.stdout | regex_search('\s/tmp\s') - not (fstab_content.stdout | regex_search('\s+/tmp\s+\S+\s+rw,(noexec,)*softdep')) tags: - fstab - name: /home partition is customized - softdep replace: dest: /etc/fstab regexp: '(\s+/home\s+\S+\s+rw)(.*)' replace: '\1,softdep\2' when: - fstab_content.stdout | regex_search('\s/home\s') - not (fstab_content.stdout | regex_search('\s+/home\s+\S+\s+rw,softdep')) tags: - fstab