Best approach to add or remove users to match list

I am using a list of users to define the exact set of user accounts I need on all of my managed compute instances.

For example:

users:
  - {name: randy, group: admin, shell: /bin/bash, uid: 1000, sshkey: /files/users/randy_rsa.pub, … }
  - {name: teresa, group: admin, shell: /bin/bash, uid: 1001, sshkey: /files/users/teresa_rsa.pub, … }
  - {name: mircea, group: admin, shell: /bin/bash, uid: 1002, sshkey: /files/users/mircea_rsa.pub, … }

I would like to be able to add or remove users from this list and have the user accounts modified on all systems to match this list.

What this means is:

  • If a /home/user-unwanted is found, it should be removed
  • If a /home/user-wanted is not found, it should be added

Otherwise, the user accounts should not be touched.

What is the best practice approach to obtaining two lists (the list of /home/* directories) and the above list in a variable file, and making only the changes needed to make these lists match each other?

Thanks – Randy

I have a similar requirement and started working on a role called user management. It is available from https://galaxy.ansibleworks.com/list#/roles/22 but it is far from complete. As a proof-of-concept it currently deals with user accounts that should be removed (or locked / disabled) if they no longer exist in a given list.

I’m planning to enhance that role and if you were interested in joining forces, that would be great.
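
One way to do the reconciliation asked about in this thread, as an added example (not code from either poster or from the linked role): it compares the list against the passwd database instead of /home/*, and only removes accounts inside a managed UID range so system and automation accounts are never touched. The names wanted_names, uid_min, uid_max and protected_users and the "deploy" account are assumptions, the sample list uses only the fields visible in the question, and the ansible.posix collection is assumed to be installed.

```yaml
# Added example, not from the thread. Assumes the "admin" group already exists.
- hosts: all
  become: true
  vars:
    users:   # constructed sample using the fields shown in the question
      - {name: randy, group: admin, shell: /bin/bash, uid: 1000, sshkey: /files/users/randy_rsa.pub}
      - {name: teresa, group: admin, shell: /bin/bash, uid: 1001, sshkey: /files/users/teresa_rsa.pub}
    wanted_names: "{{ users | map(attribute='name') | list }}"
    uid_min: 1000              # hypothetical bounds of the managed (human) UID range
    uid_max: 59999
    protected_users: [deploy]  # hypothetical accounts that must never be removed
  tasks:
    - name: Read the passwd database (authoritative, unlike leftover /home directories)
      ansible.builtin.getent:
        database: passwd

    # Removal runs first so a departing account cannot collide with a declared uid.
    - name: Remove managed-range accounts that are not in the list
      ansible.builtin.user:
        name: "{{ item.key }}"
        state: absent
        remove: true           # also deletes the home directory and mail spool
      loop: "{{ getent_passwd | dict2items }}"
      loop_control:
        label: "{{ item.key }}"
      when:
        - item.value[1] | int >= uid_min   # value[1] is the uid field
        - item.value[1] | int <= uid_max
        - item.key not in wanted_names
        - item.key not in protected_users

    - name: Ensure listed accounts exist with the declared attributes
      ansible.builtin.user:
        name: "{{ item.name }}"
        group: "{{ item.group }}"
        shell: "{{ item.shell }}"
        uid: "{{ item.uid }}"
        state: present
      loop: "{{ users }}"

    - name: Install each user's key and drop any other keys from authorized_keys
      ansible.posix.authorized_key:
        user: "{{ item.name }}"
        key: "{{ lookup('file', item.sshkey) }}"
        exclusive: true
      loop: "{{ users }}"
```

Running it with `--check` first lists the accounts that would be removed without changing anything.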