From 3a4f5d220920b7c34e26d66ecc43414242e557ed Mon Sep 17 00:00:00 2001 From: Marjorie Middleton Date: Wed, 26 May 2021 13:57:53 -0600 Subject: [PATCH] User-management now creates users User-management now creates users if they do not exist. This is to handle users that are created after this task runs. Change-Id: I12ea54dbf39d09af27fb4d944a61b9f71c3ead00 --- .../assets/playbooks/roles/osconfig/defaults/main.yaml | 6 +++--- .../playbooks/roles/osconfig/tasks/user-management.yaml | 6 +----- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/image-builder/assets/playbooks/roles/osconfig/defaults/main.yaml b/image-builder/assets/playbooks/roles/osconfig/defaults/main.yaml index 8079c6c..3e032cc 100644 --- a/image-builder/assets/playbooks/roles/osconfig/defaults/main.yaml +++ b/image-builder/assets/playbooks/roles/osconfig/defaults/main.yaml @@ -228,11 +228,11 @@ file_permissions: - "{{ default_run_context }}" # Set password and login shell for existing users # Mainly intended to lock down system users -# Will not create user if does not exist +# Creates user if does not exist user_management: - name: test - shell: /usr/sbin/nologin - password: '!' + shell: /bin/false + password: '' password_lock: yes run_contexts: - "{{ default_run_context }}" diff --git a/image-builder/assets/playbooks/roles/osconfig/tasks/user-management.yaml b/image-builder/assets/playbooks/roles/osconfig/tasks/user-management.yaml index c0bc479..2f838f5 100644 --- a/image-builder/assets/playbooks/roles/osconfig/tasks/user-management.yaml +++ b/image-builder/assets/playbooks/roles/osconfig/tasks/user-management.yaml @@ -1,7 +1,3 @@ -- name: "Get all account info" - getent: - database: passwd - - name: "User Management | Modifying user settings for {{ item.name }}" user: name: "{{ item.name }}" @@ -9,4 +5,4 @@ password_lock: "{{ item.password_lock }}" shell: "{{ item.shell }}" loop: "{{ user_management }}" - when: run_context in item.run_contexts and item.name in ansible_facts.getent_passwd \ No newline at end of file + when: run_context in item.run_contexts \ No newline at end of file