N
GitHub
commit
5b67c5513a
@ -29,6 +29,9 @@ users:
|
||||
manage_bashrc: False
|
||||
manage_profile: False
|
||||
expire: 16426
|
||||
# Disables user management except sudo rules.
|
||||
# Useful for setting sudo rules for system accounts created by package instalation
|
||||
sudoonly: False
|
||||
sudouser: True
|
||||
# sudo_rules doesn't need the username as a prefix for the rule
|
||||
# this is added automatically by the formula.
|
||||
@ -124,6 +127,8 @@ users:
|
||||
33333333
|
||||
44444444
|
||||
55555555
|
||||
# unique: True allows user to have non unique uid
|
||||
unique: False
|
||||
uid: 1001
|
||||
|
||||
user_files:
|
||||
|
||||
@ -9,6 +9,9 @@
|
||||
{%- if user == None -%}
|
||||
{%- set user = {} -%}
|
||||
{%- endif -%}
|
||||
{%- if 'sudoonly' in user and user['sudoonly'] %}
|
||||
{%- set _dummy=user.update({'sudouser': True}) %}
|
||||
{%- endif %}
|
||||
{%- if 'sudouser' in user and user['sudouser'] %}
|
||||
{%- do used_sudo.append(1) %}
|
||||
{%- endif %}
|
||||
@ -47,6 +50,7 @@ include:
|
||||
{%- set user_group = name -%}
|
||||
{%- endif %}
|
||||
|
||||
{%- if not ( 'sudoonly' in user and user['sudoonly'] ) %}
|
||||
{% for group in user.get('groups', []) %}
|
||||
users_{{ name }}_{{ group }}_group:
|
||||
group.present:
|
||||
@ -122,6 +126,9 @@ users_{{ name }}_user:
|
||||
{% if not user.get('createhome', True) %}
|
||||
- createhome: False
|
||||
{% endif %}
|
||||
{% if not user.get('unique', True) %}
|
||||
- unique: False
|
||||
{% endif %}
|
||||
{% if 'expire' in user -%}
|
||||
{% if grains['kernel'].endswith('BSD') and
|
||||
user['expire'] < 157766400 %}
|
||||
@ -360,6 +367,7 @@ users_ssh_known_hosts_delete_{{ name }}_{{ loop.index0 }}:
|
||||
- name: {{ host }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
{% set sudoers_d_filename = name|replace('.','_') %}
|
||||
{% if 'sudouser' in user and user['sudouser'] %}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user