Special shell for special users on special host %)


Petr Sukharev

Mar 27, 2014, 12:30:46 PM
to ansible...@googlegroups.com



Hello!
I found an issue and can't resolve it by myself.
My scenario:
3 users, 4 hosts
I add information about users in the file vars/all (like login, uid, comment, group and password) and deploy users via a role with a variable (user logins) to all hosts

==========================hosts file=============
[group1]
serv1
[group2]
serv2
serv3
==================playbook=================
- hosts: all
  vars:
    ssh_users:
      - "{{user1}}"
  roles:
    - users_add

- hosts: group1
  vars:
    ssh_users:
      - "{{user2}}"
      - "{{user3}}"
  roles:
    - users_add

- hosts: group2
  vars:
    ssh_users:
      - "{{user2}}"
  roles:
    - users_add

============= vars/all====================
user1:
  - { user: 'user1', uid: '11111' }
user2:
  - { user: 'user2', uid: '11112' }
user3:
  - { user: 'user3', uid: '11113' }
============= role file =====================
- name: Add ssh user
  user: name={{ item.user }} uid={{ item.uid }}
  with_items: "ssh_users"
=======================================

My question is: how do I set a special shell value (like /bin/nologin) for users 2 and 3, but not for user 1, and only in host group1?
As you can see, user 1 is like an admin for all hosts, and group1 is like a special host where I need to use a special shell for all users, but not for the admin user.

Can you help me, please?

Brice Burgess

Mar 27, 2014, 1:19:32 PM
to ansible...@googlegroups.com
Petr,

I'll augment your example with this behavior. Since you're adding "user 1" on its own when matching all hosts, it kind of takes care of the requirement to avoid changing user 1's shell. See below:

==========================hosts file=============
[group1]
serv1
[group2]
serv2
serv3
==================playbook=================
- hosts: all
  vars:
    ssh_users:
      - "{{user1}}"
  roles:
    - users_add

- hosts: group1
  vars:
    ssh_users:
      - "{{user2}}"
      - "{{user3}}"
    # a plain string, not a list: the role interpolates it directly into shell=
    user_shell: "/bin/special_shell"
  roles:
    - users_add

- hosts: group2
  vars:
    ssh_users:
      - "{{user2}}"
  roles:
    - users_add

============= vars/all====================
user1:
  - { user: 'user1', uid: '11111' }
user2:
  - { user: 'user2', uid: '11112' }
user3:
  - { user: 'user3', uid: '11113' }
============= role file =====================
- name: Add ssh user
  user: name={{ item.user }} uid={{ item.uid }} shell={{ user_shell | default("/bin/bash") }}
  with_items: "ssh_users"
=======================================


+ host group "group1" provides the special shell by setting the user_shell variable.
+ users_add attempts to use the user_shell var for shell, defaulting to "/bin/bash" if not set.
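
A verification play for the setup in the reply above, added here as an example and not part of the thread: it reads the passwd database on the group1 hosts and asserts that user2 and user3 received the special shell while user1 kept the default. It assumes current Ansible syntax (fully qualified module names and loop, not the 2014 syntax used in the thread), that vars/all can be loaded with vars_files, and the variable name default_shell is illustrative.

```yaml
# Added example: run after the three plays from the thread have been applied.
- hosts: group1
  gather_facts: false
  vars_files:
    - vars/all                          # assumption: path relative to this playbook
  vars:
    user_shell: /bin/special_shell      # value set for group1 in the reply
    default_shell: /bin/bash            # the role's fallback; name is illustrative
  tasks:
    - name: Load the passwd database into the getent_passwd fact
      ansible.builtin.getent:
        database: passwd

    # getent_passwd[<login>] is [password, uid, gid, gecos, home, shell],
    # so index 1 is the uid and index 5 is the login shell.
    - name: user2 and user3 must exist with the expected uid and special shell
      ansible.builtin.assert:
        that:
          - item.user in getent_passwd
          - getent_passwd[item.user][1] == item.uid
          - getent_passwd[item.user][5] == user_shell
        fail_msg: "{{ item.user }} is missing or not restricted on {{ inventory_hostname }}"
      loop: "{{ user2 + user3 }}"       # each var is a one-element list in vars/all

    - name: user1 (admin) must keep the default shell on the special hosts
      ansible.builtin.assert:
        that:
          - item.user in getent_passwd
          - getent_passwd[item.user][5] == default_shell
        fail_msg: "{{ item.user }} lost its interactive shell on {{ inventory_hostname }}"
      loop: "{{ user1 }}"
```

Running it with --check changes nothing on the hosts, since getent and assert only read state.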

Michael DeHaan

Mar 27, 2014, 2:03:23 PM
to ansible...@googlegroups.com
Hi folks,

When posting YAML it greatly helps if things are well formatted.

If you are posting in a mail editor that doesn't allow proper whitespace, I'd recommend using something like gist.github.com.

Otherwise it's pretty hard to read the above.

Thanks!



Petr Sukharev

Mar 31, 2014, 1:03:01 PM
to ansible...@googlegroups.com

Hi, Brice!
Yes, it is exactly what I am looking for! Working like a charm!

Michael, I will use this source next time, thanks

Thanks so much!

