Commit 167ff8f8 authored by Maciej Delmanowski's avatar Maciej Delmanowski

[debops.users] Install missing shells if needed

parent 36489f2a
......@@ -56,11 +56,30 @@ users__default_shell: ''
# APT packages [[[
# ----------------
# .. envvar:: users__shell_package_map [[[
#
# YAML dictionary that maps known shells used in the :file:`/etc/passwd`
# database to the APT packages with these shells. The role will install missing
# shell packages if any users have them as their login shells.
users__shell_package_map:
'/bin/bash': 'bash'
'/bin/csh': 'csh'
'/usr/bin/fish': 'fish'
'/bin/ksh': 'ksh'
'/bin/zsh': 'zsh'
# ]]]
# .. envvar:: users__base_packages [[[
#
# List of base packages to install.
users__base_packages: [ 'acl' ]
# ]]]
# .. envvar:: users__shell_packages [[[
#
# List of login shell APT packages expected on the host.
users__shell_packages: '{{ lookup("template", "lookup/users__shell_packages.j2") }}'
# ]]]
# .. envvar:: users__packages [[[
#
......
......@@ -2,11 +2,10 @@
- name: Install required packages
package:
name: '{{ item }}'
name: '{{ q("flattened", (users__base_packages
+ users__shell_packages
+ users__packages)) }}'
state: 'present'
with_flattened:
- '{{ users__base_packages }}'
- '{{ users__packages }}'
register: users__register_packages
until: users__register_packages is succeeded
when: users__enabled | bool
......@@ -31,22 +30,6 @@
getent:
database: 'group'
- name: Check if defined shells exist
stat:
path: "{{ item }}"
loop: '{{ ((users__default_accounts + users__admin_accounts
+ users__accounts + users__group_accounts + users__host_accounts
+ users__dependent_accounts) | selectattr("shell", "defined")
| map(attribute="shell") | unique | list)
+ ([ users__default_shell ] if users__default_shell|d() else []) }}'
register: users__register_shell_stats
- name: Fail if a defined shell does not exist
fail:
msg: "Trying to set a shell that does not exist, this can lock you out!"
loop: '{{ users__register_shell_stats.results }}'
when: not item.stat.exists
- name: Manage user accounts
user:
name: '{{ item.name }}'
......
{% set users__tpl_shells = [] %}
{% for shell in (users__combined_accounts | parse_kv_items
| selectattr("state", "equalto", "present")
| selectattr("shell", "defined")
| map(attribute="shell") | unique | list) %}
{% if shell in users__shell_package_map.keys() %}
{% set _ = users__tpl_shells.append(users__shell_package_map[shell]) %}
{% endif %}
{% endfor %}
{{ users__tpl_shells | to_json }}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment