Playbook (self-written): add a user, set the user's password, edit the sudoers file

2022-07-31 22:31:21  Views: 128  Source: Internet

Tags: key group name sudo user Playbook file newuser ssh


---
  - hosts: serverf
    vars:
      - password:
          key1: redhat
          key2: rhceforserver
          key3: demonzwl
    tasks:
      - name: Useradd rhce for remote host
        user:
          name: rhce
          shell: /bin/bash
          groups: wheel
          append: yes
        register: newuser
      - name: debug some message
        debug:
          var: newuser['name']

      - name: password to newuser
        shell:
          cmd: echo "{{ password['key1'] }}" | passwd --stdin "{{ newuser['name'] }}"
        # keep the plaintext password out of task output and logs
        no_log: true

# The following tasks set up passwordless SSH login
      - block:
        - name: Use module-authorized_key public key to remote host
          authorized_key: 
            user: rhce
            state: present
            key: "{{ lookup('file', '/home/student/.ssh/id_rsa.pub') }}"
        rescue: 
          - name: mkdir ssh dir
            file:
              path: /home/rhce/.ssh
              owner: "{{ newuser['name'] }}"
              group: "{{ newuser['group'] }}"
              # a directory needs the execute bit to be entered; keep ~/.ssh owner-only
              mode: 0700
              state: directory
          - name: touch file authorized 
            file: 
              path: /home/rhce/.ssh/authorized_keys
              owner: "{{ newuser['name'] }}"
              group: "{{ newuser['group'] }}"
              mode: 0600
              state: touch
          - name: copy public key to remote host
            copy:
              src: ~/.ssh/id_rsa.pub
              dest: /home/rhce/.ssh/authorized_keys
              mode: 0600
# The rescue section is somewhat tedious.
# If you want to call the authorized_key module directly,
# see https://www.cnblogs.com/Anzi-0524/p/16538242.html
        always:
          - name: debug some message
            debug:
              var: newuser

# Modify the sudoers file on the managed host
      - name: change file permissions
        file:
          path: /etc/sudoers
          owner: root
          group: root
          mode: 0600
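      - name: add message to /etc/sudoers
        lineinfile:
          path: /etc/sudoers
          insertafter: '^# %wheel'
          line: '%wheel   ALL=(ALL)   NOPASSWD: ALL'
          # visudo syntax-checks the edited copy before it replaces /etc/sudoers
          validate: /usr/sbin/visudo -cf %s
      - name: change file permissions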
        file:
          path: /etc/sudoers
          owner: root
          group: root
          mode: 0400
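
An added example, not part of the original post: the same three steps with the password set as a hash by the user module, the key installed by authorized_key alone, and the sudo rule placed in a visudo-validated drop-in. The vault.yml file, the vault_rhce_password variable and the /etc/sudoers.d/wheel-nopasswd file name are assumptions, and it assumes /etc/sudoers includes /etc/sudoers.d.

```yaml
---
# Added example. Hypothetical names: vault.yml, vault_rhce_password,
# /etc/sudoers.d/wheel-nopasswd. Host, user and key path are the page's.
- hosts: serverf
  vars_files:
    - vault.yml   # hypothetical ansible-vault encrypted file defining vault_rhce_password
  tasks:
    - name: Create rhce and set its password as a hash
      user:
        name: rhce
        shell: /bin/bash
        groups: wheel
        append: yes
        # Only a SHA-512 crypt hash is sent to the managed host, so the
        # plaintext never appears on a command line there.
        password: "{{ vault_rhce_password | password_hash('sha512') }}"
        # A fresh random salt changes the hash on every run, so set the
        # password only when the account is first created.
        update_password: on_create
      no_log: true

    - name: Install the control node's public key for rhce
      # manage_dir defaults to yes: the module creates ~/.ssh and
      # authorized_keys with the right owner and modes, so no rescue is needed.
      authorized_key:
        user: rhce
        state: present
        key: "{{ lookup('file', '/home/student/.ssh/id_rsa.pub') }}"

    - name: Grant wheel passwordless sudo through a validated drop-in
      copy:
        dest: /etc/sudoers.d/wheel-nopasswd
        content: "%wheel   ALL=(ALL)   NOPASSWD: ALL\n"
        owner: root
        group: root
        mode: '0440'
        # visudo rejects a malformed file before it is moved into place
        validate: /usr/sbin/visudo -cf %s
```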

Source: https://www.cnblogs.com/Anzi-0524/p/16463549.html
