Ver código fonte

Extend linux.user

- Add posibility do delete user password
 - Delete any password, if no other option has been passed
 - Allow to pass hash\plain password
 - Allow to unchange password

Change-Id: Id2b7234ca5d4417475b2114e74840292fc57d0de
pull/115/head
azvyagintsev 7 anos atrás
pai
commit
967af13b84
2 arquivos alterados com 28 adições e 6 exclusões
  1. +19
    -3
      README.rst
  2. +9
    -3
      linux/system/user.sls

+ 19
- 3
README.rst Ver arquivo

@@ -31,7 +31,10 @@ Basic Linux box
timezone: 'Europe/Prague'
utc: true

Linux with system users, some with password set
Linux with system users, some with password set:
.. WARNING::
If no 'password' variable has been passed - any predifined password
will be removed.

.. code-block:: yaml

@@ -50,9 +53,22 @@ Linux with system users, some with password set
jsmith:
name: 'jsmith'
enabled: true
full_name: 'Password'
full_name: 'With clear password'
home: '/home/jsmith'
password: userpassword
hash_password: true
password: "userpassword"
mark:
name: 'mark'
enabled: true
full_name: "unchange password'
home: '/home/mark'
password: false
elizabeth:
name: 'elizabeth'
enabled: true
full_name: 'With hased password'
home: '/home/elizabeth'
password: "$6$nUI7QEz3$dFYjzQqK5cJ6HQ38KqG4gTWA9eJu3aKx6TRVDFh6BVJxJgFWg2akfAA7f1fCxcSUeOJ2arCO6EEI6XXnHXxG10"

Configure sudo for users and groups under ``/etc/sudoers.d/``.
This ways ``linux.system.sudo`` pillar map to actual sudo attributes:

+ 9
- 3
linux/system/user.sls Ver arquivo

@@ -19,11 +19,17 @@ system_user_{{ name }}:
user.present:
- name: {{ name }}
- home: {{ user.home }}
{%- if user.password is defined %}
- password: {{ user.password }}
{% if user.get('password') == False %}
- enforce_password: false
{% elif user.get('password') == None %}
- enforce_password: true
- password: '*'
{% elif user.get('password') %}
- enforce_password: true
- password: {{ user.password }}
- hash_password: {{ user.get('hash_password', False) }}
{% endif %}
- gid_from_name: true
{%- endif %}
{%- if user.groups is defined %}
- groups: {{ user.groups }}
{%- endif %}

Carregando…
Cancelar
Salvar