Jérémy Lecour
2027420877
whitespaces
2018-04-18 12:16:04 +02:00
Jérémy Lecour
13abc44992
evolinux-users: use assert instead of fail
2018-04-18 12:16:04 +02:00
Jérémy Lecour
f152ba66cd
evolinux-users: regroup tasks
...
1. create all accounts
2. configure sudo for everyone
3. configure ssh for everyone
2018-04-18 12:16:04 +02:00
Jérémy Lecour
e0ac7760f0
Use AllowGroups mode also if no AllowUsers is present at all
2018-04-18 12:16:04 +02:00
Jérémy Lecour
4fc58e4b1e
evolinux-users: rename included files
2018-04-18 12:16:04 +02:00
Jérémy Lecour
b01d9178d0
evolinux-users: split AllowGroups/AllowUsers modes
...
If an AllowGroups directive is found or when using Debian 9+,
we use the AllowGroups directive and comment AllowUsers that may be
already present.
When adding a user, we make sure that the allowed group exists
and the use is in that group, to be sure that at least this user
is allowed to connect.
In other situations, we use the AllowUsers directive.
2018-04-18 12:16:04 +02:00
Jérémy Lecour
46a6a35486
evolinux-users: add check_minifirewall in sudoers commands
2018-04-06 10:36:48 +02:00
Jérémy Lecour
8abed3e258
Use "command" instead of "shell" where possible
2018-04-04 23:36:00 +02:00
Jérémy Lecour
84924c38f4
evolinux-users: create .profile for evomaintenance if missing
2018-03-13 09:37:27 +01:00
Jérémy Lecour
097f732922
evolinux-users: evomaintenance trap detection also with check_mode
2018-02-08 15:33:28 +01:00
Jérémy Lecour
c18b83d974
evolinux-users: deal with AllowGroups and AllowUsers differently
2018-02-08 15:29:53 +01:00
Jérémy Lecour
290dfd300a
evolinux-users: add users to adm group for Stretch
2017-12-28 11:01:31 +01:00
Jérémy Lecour
b7cede7654
Don't add the trap if it is present or commented
2017-10-17 18:07:51 +02:00
Jérémy Lecour
71cd04029c
Insert "Match User" if missing (Jessie only)
2017-10-17 10:28:49 +02:00
Jérémy Lecour
1091dfeeed
evolinux-users: Handle "PermitRootLogin prohibit-password"
2017-10-11 22:17:52 +02:00
Jérémy Lecour
c77bc14e95
Evolinux: don't remove root from AllowUsers list
2017-10-11 17:58:59 +02:00
Jérémy Lecour
ae4b9675c2
evolix-users: disable root ssh login by default
2017-10-10 22:01:44 +02:00
Jérémy Lecour
8435ac192d
evolinux-users: better detection of AllowUsers
2017-10-10 22:01:12 +02:00
Jérémy Lecour
13e1c0486b
"egrep" is deprecated, use "grep -E"
2017-10-08 22:47:03 +02:00
Jérémy Lecour
8c1024c23c
No need to add individual users, a group is enough
2017-10-08 14:23:21 +02:00
Jérémy Lecour
fedbc5b579
evolinux-users: no need to repeat condition
2017-10-06 12:05:07 +02:00
Jérémy Lecour
2b253e075c
Users can be added to secondary groups
2017-10-06 01:06:59 +02:00
Jérémy Lecour
f759b849a5
evolinux-users: install many ssh keys if needed
2017-10-06 01:06:59 +02:00
Jérémy Lecour
7b88393ccf
Refactoring of admin-users + evolinux-base roles
...
* rename admin-users to evolinux-users
* splitting the "sudo" part for users between jessie and stretch
* with stretch, the sudo group is customizable and properly configured
* import evolinux-users role from evolinux-base at proper time
to ensure ssh connections are possible for other users before
cutting root's access
* evomaintenance is also included in evolinux-base to have it available
when users are created
2017-10-06 01:06:59 +02:00