From 96854dc5e24d2aa0a2eb3426fb73ce65b2988cbd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <Joerg.Sachse@slub-dresden.de> Date: Tue, 2 Aug 2022 09:07:02 +0200 Subject: [PATCH] fix: modify users only if they aren't used for the current management connection --- tasks/create_users_groups.yml | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/tasks/create_users_groups.yml b/tasks/create_users_groups.yml index 85603de..c6627e9 100644 --- a/tasks/create_users_groups.yml +++ b/tasks/create_users_groups.yml @@ -37,15 +37,18 @@ uid: "{{ item.value.uid }}" update_password: on_create loop: "{{ human_users | dict2items }}" - when: ( item.value.state == "present" ) - no_log: true + when: + - item.value.state == "present" + - item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it - name: lock HUMAN users ansible.builtin.user: name: "{{ item.key }}" password_lock: "{{ item.value.password_lock }}" loop: "{{ human_users | dict2items }}" - when: ( item.value.state == "present" ) + when: + - item.value.state == "present" + - item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it - name: create ROBOT users ansible.builtin.user: @@ -61,12 +64,15 @@ uid: "{{ item.value.uid }}" update_password: on_create loop: "{{ robot_users | dict2items }}" - when: ( item.value.state == "present" ) - no_log: true + when: + - item.value.state == "present" + - item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it - name: lock ROBOT users ansible.builtin.user: name: "{{ item.key }}" password_lock: "{{ item.value.password_lock }}" loop: "{{ robot_users | dict2items }}" - when: ( item.value.state == "present" ) + when: + - item.value.state == "present" + - item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it -- GitLab