Like that. Any objection if I included that in the github role?
Am Dienstag, 10. Dezember 2013 23:21:26 UTC+1 schrieb Kahlil Hodgson:
>
> Another approach occurs that does not require the Perl Crazy Glue:
>
> - name: grab passwd entries for this host
> shell: cat /etc/passwd'
> register: passwd
>
> - name: lock unknown users
> user: name={{ item.split(':').0 }} password='!!'
>
> when: item.split(':').0 not in known_users
> and item.split(':').2|int > 499
>
> with_items: passwd.stdout_lines
>
> - name: lock out unknown users
> command: rm -rf {{ item.split(':').5 }}/.ssh
>
> when: item.split(':').0 not in known_users
> and item.split(':').2|int > 499
>
> with_items: passwd.stdout_lines
>
> Kahlil (Kal) Hodgson GPG: C9A02289
> Head of Technology (m) +61 (0) 4 2573 0382
> DealMax Pty Ltd (w) +61 (0) 3 9008 5281
>
> Suite 1415
> 401 Docklands Drive
> Docklands VIC 3008 Australia
>
> "All parts should go together without forcing. You must remember that
> the parts you are reassembling were disassembled by you. Therefore,
> if you can't get them together again, there must be a reason. By all
> means, do not use a hammer." -- IBM maintenance manual, 1925
>
>
>
> On 10 December 2013 22:46, Jürgen Haas <[email protected] <javascript:>>
> wrote:
> > Here is the Ansible role on github.com:
> > https://github.com/jurgenhaas/ansible-user-management
> >
> > It can be executed as a role, e.g. like this:
> >
> > - name: "Manage Users"
> > hosts: "all"
> > connection: ssh
> > gather_facts: false
> > sudo: yes
> > roles:
> > - users
> >
> > Enjoy!
> >
> > My plan is to further enhance that role so that it is going to become
> the
> > full user management role including the creation of user accounts and
> > management of ssh keys plus many more ideas hopefully to come.
> >
> > Am Dienstag, 10. Dezember 2013 10:22:06 UTC+1 schrieb Jürgen Haas:
> >>
> >> Great, that works. And with $F[5] we also get the home directory for
> each
> >> user. So I'll see if I can turn that into a default playbook for
> general us
> >> as Michael DeHaan suggested.
> >>
> >> Am Montag, 9. Dezember 2013 21:31:32 UTC+1 schrieb Kahlil Hodgson:
> >>>
> >>> On 9 December 2013 19:51, Jürgen Haas <[email protected]> wrote:
> >>> > cat /etc/passwd | perl -ane -F: 'print $F[0],"\n" if $F[2] > 499'
> >>> >
> >>> > Generates the following error message:
> >>> >
> >>> > Warning: Use of "-F" without parentheses is ambiguous at -e line 1.
> >>> > syntax error at -e line 1, near "F:"
> >>> > Execution of -e aborted due to compilation errors.
> >>>
> >>> cat /etc/passwd | perl -aF: -ne 'print $F[0],"\n" if $F[2] > 499'
> >>>
> >>> Arghh! -e must precede the expression -- yesterday was not a good day.
> >>>
> >>> K
> >>>
> >>> Kahlil (Kal) Hodgson GPG: C9A02289
> >>> Head of Technology (m) +61 (0) 4 2573 0382
> >>> DealMax Pty Ltd (w) +61 (0) 3 9008 5281
> >>>
> >>> Suite 1415
> >>> 401 Docklands Drive
> >>> Docklands VIC 3008 Australia
> >>>
> >>> "All parts should go together without forcing. You must remember that
> >>> the parts you are reassembling were disassembled by you. Therefore,
> >>> if you can't get them together again, there must be a reason. By all
> >>> means, do not use a hammer." -- IBM maintenance manual, 1925
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups
> > "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an
> > email to [email protected] <javascript:>.
> > For more options, visit https://groups.google.com/groups/opt_out.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
