users: do not add users to the sudo group if they are not meant to be administrators.

This commit is contained in:
Andrea Dell'Amico 2017-11-07 12:37:46 +01:00
parent 5556c1318d
commit 805062b3c0
2 changed files with 2 additions and 1 deletions

View File

@ -14,4 +14,4 @@ users_update_password: 'on_create'
#users_system_users:
# - { login: 'foo', name: "Foo Bar", home: '{{ users_home_dir }}', createhome: 'yes', ssh_key: '{{ foo_ssh_key }}', shell: '/bin/bash', admin: False, log_as_root: False }
#users_additional_groups:
# -
# - { group: 'foo' }

View File

@ -25,6 +25,7 @@
- name: Add the admin users to the sudoers group
user: name={{ item.login }} groups={{ users_sudoers_group }} append=yes
with_items: '{{ users_system_users | default([]) }}'
when: item.admin
- name: ensure that the users can login with their ssh keys as root if we want ensure direct access
authorized_key: user=root key="{{ item.ssh_key }}" state=present