ansible创建用户
ansible创建用户
summerking
发布于 2022-09-19 03:43:53
发布于 2022-09-19 03:43:53
代码可运行
运行总次数:0
代码可运行
ansilbe 提供了一个 user 模块,用于创建和管理用户;但如何在创建用户的同时加秘设置用户密码呢?
# ansible用户创建
- 创建一个有登录shell 的用户,用户名是 summer1:
- name 指定创建的用户名
- shell 指定用户登录时获得的shell
- home 为用户创建 HOME 目录
- state 指定是创建还是删除用户,当 state=absent 时,为删除用户
[root@localhost ansible]# ansible redis -m user -a 'name=summer1 shell=/bin/bash home=/home/summer1/ state=present'
docker125 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1000,
"home": "/home/summer1/",
"name": "summer1",
"shell": "/bin/bash",
"state": "present",
"stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\n",
"stderr_lines": [
"useradd: warning: the home directory already exists.",
"Not copying any file from skel directory into it."
],
"system": false,
"uid": 1000
}
docker123 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1000,
"home": "/home/summer1/",
"name": "summer1",
"shell": "/bin/bash",
"state": "present",
"stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\n",
"stderr_lines": [
"useradd: warning: the home directory already exists.",
"Not copying any file from skel directory into it."
],
"system": false,
"uid": 1000
}
docker124 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1000,
"home": "/home/summer1/",
"name": "summer1",
"shell": "/bin/bash",
"state": "present",
"stderr": "useradd: warning: the home directory already exists.\nNot copying any file from skel directory into it.\n",
"stderr_lines": [
"useradd: warning: the home directory already exists.",
"Not copying any file from skel directory into it."
],
"system": false,
"uid": 1000
}
# 如何设置用户密码
用 ansible 设置用户的密码时,由于需要对传输的密码进行加密,所以要在主机安装python 的passlib 库。
- 利用 pip 安装 passlib:
pip install passlib - 生成的经过加密的密码(sha512 加密算法)
说明:在 Password 后输入我们的密码"xxxxx",然后再按enter键
python -c 'from passlib.hash import sha512_crypt; import getpass; print (sha512_crypt.encrypt(getpass.getpass()))'PS F:\各组件相关说明\ansible相关> pip install passlib
Collecting passlib
Downloading https://pypi.tuna.tsinghua.edu.cn/packages/3b/a4/ab6b7589382ca3df236e03faa71deac88cae040af60c071a78d254a62172/passlib-1.7.4-py2.py3-none-any.whl (525 kB)
|████████████████████████████████| 525 kB 1.3 MB/s
Installing collected packages: passlib
Successfully installed passlib-1.7.4
WARNING: You are using pip version 20.2.4; however, version 20.3.3 is available.
You should consider upgrading via the 'c:\users\administrator\appdata\local\programs\python\python37\python.exe -m pip install --upgrade pip' command.
PS F:\各组件相关说明\ansible相关> python -c 'from passlib.hash import sha512_crypt; import getpass; print (sha512_crypt.encrypt(getpass.getpass()))'
Password:
-c:1: DeprecationWarning: the method passlib.handlers.sha2_crypt.sha512_crypt.encrypt() is deprecated as of Passlib 1.7, and will be removed in Passlib 2.0, use .hash() instead.
$6$rounds=656000$fkskseDMlRAr7..8$./zCF2UbGiO7RrtyILeIckqK1ZU78wVwhWFeSrh2Qki604dG3apeF7BCwynu1HcnBp1g.LaFmZsjRCzJYjvzp/- 创建带加密码summer用户
[root@localhost ansible]# ansible redis -m user -a 'name=summer shell=/bin/bash password=$6$rounds=656000$fkskseDMlRAr7..8$./zCF2UbGiO7RrtyILeIckqK1ZU78wVwhWFeSrh2Qki604dG3apeF7BCwynu1HcnBp1g.LaFmZsjRCzJYjvzp/ update_password=always'
docker125 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/summer",
"name": "summer",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
docker124 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/summer",
"name": "summer",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
docker123 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1001,
"home": "/home/summer",
"name": "summer",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1001
}
[root@localhost ansible]# history
# 验证
[root@33a870725069 home]# ll
total 0
drwx------ 2 summer1 summer1 62 Apr 11 2018 summer1
drwx------ 2 summer summer 62 Dec 23 07:29 summer
[root@33a870725069 home]# su summer1
[summer1@33a870725069 home]$ su summer
Password:
[summer@33a870725069 home]$ 本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2020-06-23,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
暂无评论
推荐阅读
编辑精选文章
换一批
推荐阅读
相关推荐
centos ansible常用命令
更多 >
社区富文本编辑器全新改版!诚邀体验~
全新交互,全新视觉,新增快捷键、悬浮工具栏、高亮块等功能并同时优化现有功能,全面提升创作效率和体验
腾讯云开发者
