From a66e1c1ee9974c8cf83807a3ed3e700581b7deea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Dubois?=
Date: Tue, 20 Jun 2023 10:41:52 +0200
Subject: [PATCH] accounts: configure user home, ssh keys and groups only if it already exists, so that there is no error when run in check mode and user doesn't exist yet
---
 CHANGELOG | 1 +
 roles/accounts/tasks/user.yml | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG b/CHANGELOG
index e165abf..e8335de 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -84,6 +84,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * post-install: fix missing space in generateldif.sh script
 * logsentry: fix variables for configuration files
 * nagios-nrpe: fix allowed_hosts configuration: keep potential added IP, but we cannot use backrefs if the line does not exist yet
+* accounts: configure user home, ssh keys and groups only if it already exists, so that there is no error when run in check mode and user doesn't exist yet
 ### Removed
diff --git a/roles/accounts/tasks/user.yml b/roles/accounts/tasks/user.yml
index 1b8b3c3..91ffa53 100644
--- a/roles/accounts/tasks/user.yml
+++ b/roles/accounts/tasks/user.yml
@@ -23,6 +23,10 @@
 - accounts
 - admin
+- name: "Gather available local users"
+ getent:
+ database: passwd
+
 - name: "Home directory for '{{ user.name }}' is only accesible by owner"
 file:
 name: '/home/{{ user.name }}'
@@ -30,6 +34,7 @@
 owner: "{{ user.name }}"
 group: "{{ user.name }}"
 state: directory
+ when: user.name in getent_passwd.keys()
 tags:
 - accounts
 - admin
@@ -42,7 +47,9 @@
 with_items: "{{ user.ssh_keys }}"
 loop_control:
 loop_var: ssk_key
- when: user.ssh_keys is defined
+ when:
+ - user.ssh_keys is defined
+ - user.name in getent_passwd.keys()
 tags:
 - accounts
 - admin
@@ -58,6 +65,7 @@
 - "{{ evobsd_sudo_group }}"
 loop_control:
 loop_var: groups_item
+ when: user.name in getent_passwd.keys()
 tags:
 - accounts
 - admin
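Review bot: The new "Gather available local users" task in the first user.yml hunk carries no `tags:`, while the tasks around it are tagged `accounts` and `admin`. A run limited with `--tags accounts` or `--tags admin` would skip the lookup and leave `getent_passwd` undefined. The three `when: user.name in getent_passwd.keys()` conditions added in the later hunks would then fail on an undefined variable instead of being evaluated. Giving the getent task the same `tags:` list (`accounts`, `admin`) keeps the fact available wherever the guarded tasks run.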
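Review bot: The guard `when: user.name in getent_passwd.keys()` on the home-directory task (repeated on the ssh-key and group tasks in the two following hunks) is not limited to check mode, so in a normal run a missing account makes the owner-only home permission, the authorized keys and the group membership skip quietly instead of failing. If the skip is meant only for check mode, as the commit message suggests, `when: not ansible_check_mode or user.name in getent_passwd` keeps a real run strict; the `.keys()` call is not needed for a membership test on a dict. The file task starts in the previous hunk and the task that creates the user is outside the diff, so whether the account can be absent in a real run cannot be confirmed from here.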