103 lines
2.5 KiB
ReStructuredText
103 lines
2.5 KiB
ReStructuredText
``profile::local_accounts``
|
|
===========================
|
|
|
|
This module helps managing local users and groups.
|
|
|
|
|
|
Parameters
|
|
----------
|
|
|
|
=============================== ======== ================================================
|
|
**Name** **Type** **Default**
|
|
------------------------------- -------- ------------------------------------------------
|
|
group_defs hash hiera('local_accounts::group_defs')
|
|
groups hash hiera('local_accounts::groups')
|
|
user_defs hash hiera('local_accounts::user_defs')
|
|
users list hiera('local_accounts:users')
|
|
=============================== ======== ================================================
|
|
|
|
|
|
``group_defs``
|
|
~~~~~~~~~~~~~~
|
|
|
|
A hash containing the definitions of local groups. The keys are the group names,
|
|
the values are the numeric group IDs.
|
|
|
|
|
|
Example::
|
|
|
|
local_accounts::group_defs:
|
|
'my_local_group': 673
|
|
|
|
Also see `groups`_.
|
|
|
|
|
|
``groups``
|
|
~~~~~~~~~~
|
|
|
|
A list containing the names of the local groups to be created. The definition
|
|
for each group is taken from `group_defs`_.
|
|
|
|
|
|
``user_defs``
|
|
~~~~~~~~~~~~~
|
|
|
|
A hash containing the definitions of local users. The keys are the user names,
|
|
the values are hashes containing the usual user properties, ie:
|
|
|
|
============ ==========================
|
|
``password`` password hash (optional)
|
|
``uid`` numeric UID (required)
|
|
``gid`` numeric GID (required)
|
|
``comment`` comment (optional)
|
|
``home`` home directory (required)
|
|
``shell`` shell (required)
|
|
============ ==========================
|
|
|
|
Ideally the password hash is generated with ``openssl passwd -6`` and then encrypted
|
|
|
|
|
|
``users``
|
|
~~~~~~~~~
|
|
|
|
A list of the users to be created. The definition of each user is taken from
|
|
`user_defs`_.
|
|
|
|
|
|
Examples
|
|
--------
|
|
|
|
The following defines three users and one group, but only creates one each::
|
|
|
|
local_accounts::group_defs:
|
|
'archadm': 503
|
|
|
|
local_accounts::user_defs:
|
|
'ioc':
|
|
'uid': 500
|
|
'gid': 9102
|
|
'home': '/home/ioc'
|
|
'shell': '/bin/bash'
|
|
'comment': 'IOC Account'
|
|
|
|
'slsop':
|
|
'uid': 501
|
|
'gid': 9102
|
|
'home': '/home/slsop'
|
|
'shell': '/bin/bash'
|
|
'comment': 'SLS Operator'
|
|
|
|
'archadm':
|
|
'uid': 503
|
|
'gid': 503
|
|
'home': '/home/archadm'
|
|
'shell': '/bin/bash'
|
|
'comment': ''
|
|
'password': 'ENC[PKCS7,MIIB2gYxxxxxx...xxxxxxx]'
|
|
|
|
local_accounts::groups:
|
|
- 'archadm'
|
|
|
|
local_accounts::users:
|
|
- 'archadm'
|