forked from ISTI-ansible-roles/ansible-roles
users: do not add users to the sudo group if they are not meant to be administrators.
This commit is contained in:
parent
5556c1318d
commit
805062b3c0
|
@ -14,4 +14,4 @@ users_update_password: 'on_create'
|
|||
#users_system_users:
|
||||
# - { login: 'foo', name: "Foo Bar", home: '{{ users_home_dir }}', createhome: 'yes', ssh_key: '{{ foo_ssh_key }}', shell: '/bin/bash', admin: False, log_as_root: False }
|
||||
#users_additional_groups:
|
||||
# -
|
||||
# - { group: 'foo' }
|
||||
|
|
|
@ -25,6 +25,7 @@
|
|||
- name: Add the admin users to the sudoers group
|
||||
user: name={{ item.login }} groups={{ users_sudoers_group }} append=yes
|
||||
with_items: '{{ users_system_users | default([]) }}'
|
||||
when: item.admin
|
||||
|
||||
- name: ensure that the users can login with their ssh keys as root if we want ensure direct access
|
||||
authorized_key: user=root key="{{ item.ssh_key }}" state=present
|
||||
|
|
Loading…
Reference in New Issue