From 96854dc5e24d2aa0a2eb3426fb73ce65b2988cbd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <Joerg.Sachse@slub-dresden.de>
Date: Tue, 2 Aug 2022 09:07:02 +0200
Subject: [PATCH] fix: modify users only if they aren't used for the current
management connection
---
tasks/create_users_groups.yml | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/tasks/create_users_groups.yml b/tasks/create_users_groups.yml
index 85603de..c6627e9 100644
--- a/tasks/create_users_groups.yml
+++ b/tasks/create_users_groups.yml
@@ -37,15 +37,18 @@
uid: "{{ item.value.uid }}"
update_password: on_create
loop: "{{ human_users | dict2items }}"
- when: ( item.value.state == "present" )
- no_log: true
+ when:
+ - item.value.state == "present"
+ - item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it
- name: lock HUMAN users
ansible.builtin.user:
name: "{{ item.key }}"
password_lock: "{{ item.value.password_lock }}"
loop: "{{ human_users | dict2items }}"
- when: ( item.value.state == "present" )
+ when:
+ - item.value.state == "present"
+ - item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it
- name: create ROBOT users
ansible.builtin.user:
@@ -61,12 +64,15 @@
uid: "{{ item.value.uid }}"
update_password: on_create
loop: "{{ robot_users | dict2items }}"
- when: ( item.value.state == "present" )
- no_log: true
+ when:
+ - item.value.state == "present"
+ - item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it
- name: lock ROBOT users
ansible.builtin.user:
name: "{{ item.key }}"
password_lock: "{{ item.value.password_lock }}"
loop: "{{ robot_users | dict2items }}"
- when: ( item.value.state == "present" )
+ when:
+ - item.value.state == "present"
+ - item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it
--
GitLab