Skip to content
Snippets Groups Projects
Commit 96854dc5 authored by Jörg Sachse's avatar Jörg Sachse
Browse files

fix: modify users only if they aren't used for the current management connection

parent 25f374f3
No related branches found
No related tags found
No related merge requests found
...@@ -37,15 +37,18 @@ ...@@ -37,15 +37,18 @@
uid: "{{ item.value.uid }}" uid: "{{ item.value.uid }}"
update_password: on_create update_password: on_create
loop: "{{ human_users | dict2items }}" loop: "{{ human_users | dict2items }}"
when: ( item.value.state == "present" ) when:
no_log: true - item.value.state == "present"
- item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it
- name: lock HUMAN users - name: lock HUMAN users
ansible.builtin.user: ansible.builtin.user:
name: "{{ item.key }}" name: "{{ item.key }}"
password_lock: "{{ item.value.password_lock }}" password_lock: "{{ item.value.password_lock }}"
loop: "{{ human_users | dict2items }}" loop: "{{ human_users | dict2items }}"
when: ( item.value.state == "present" ) when:
- item.value.state == "present"
- item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it
- name: create ROBOT users - name: create ROBOT users
ansible.builtin.user: ansible.builtin.user:
...@@ -61,12 +64,15 @@ ...@@ -61,12 +64,15 @@
uid: "{{ item.value.uid }}" uid: "{{ item.value.uid }}"
update_password: on_create update_password: on_create
loop: "{{ robot_users | dict2items }}" loop: "{{ robot_users | dict2items }}"
when: ( item.value.state == "present" ) when:
no_log: true - item.value.state == "present"
- item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it
- name: lock ROBOT users - name: lock ROBOT users
ansible.builtin.user: ansible.builtin.user:
name: "{{ item.key }}" name: "{{ item.key }}"
password_lock: "{{ item.value.password_lock }}" password_lock: "{{ item.value.password_lock }}"
loop: "{{ robot_users | dict2items }}" loop: "{{ robot_users | dict2items }}"
when: ( item.value.state == "present" ) when:
- item.value.state == "present"
- item.key != ansible_user # we cannot modify the user that is used to make the connection, because the Python process uses it
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment