Thanks for the tip.  Setting up a chroot-only ansible-only user is a pretty 
good idea.

In this particular case, after talking with a co-worker, I ended up simply 
copying one shadow file to the other (note that this is a redacted copy for 
informational purposes only)

  tasks:
  - name: "update system password"
    user:
      name: "{{ item }}"
      update_password: always
  - name: "update chroot password"
    copy:
      src: /etc/shadow
      remote_src: yes
      dest: /mnt/pxe/etc/shadow
    notify: "rebuild image"


On Thursday, January 17, 2019 at 11:51:53 AM UTC-5, Hugo Gonzalez wrote:
>
> If there is a complete chroot environment under /mnt/pxe, you could 
> configure a new ansible user to always log into a chrooted environment, 
> using a sshd_config file and these two lines:
>
> Match User new_ansible_user
> ChrootDirectory /mnt/pxe
>
> Then use ansible normally under that special user.
>
> But that seems overkill, it would be easier to script the password change 
> locally with mkpassword and some text manipulation.
>
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4d41305f-9ba2-4a22-920f-583a51b1c2aa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to