fix group and user handling
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Robert Kaussow 2019-08-21 09:54:57 +02:00
parent 7399845dbb
commit 2059c109d0
4 changed files with 23 additions and 10 deletions

View File

@ -13,8 +13,9 @@ cups_selinux_fcontext: []
# - -R /opt/brother
cups_selinux_restorecon: []
cups_admin_username: cupsadm
cups_admin_password: secure
cups_admin_group: printadmin
cups_admin_users:
- { name: 'cupsadm', password: 'secure' }
cups_bind_url:
- localhost:631
@ -25,8 +26,8 @@ cups_log_level: warn
cups_server_admin: admin@example.com
cups_remote_admin_enabled: False
cups_system_groups:
- sys
- root
- "{{ cups_admin_group }}"
cups_iptables_enabled: False
cups_open_ports:

View File

@ -22,13 +22,6 @@
- etc/cups/cups-files.conf
notify: __cupsd_restart
- name: Create user '{{ cups_admin_username }}'
user:
comment: Cups Admin
name: "{{ cups_admin_username }}"
password: "{{ cups_admin_password | password_hash('sha512', inventory_hostname) }}"
groups: printadmin
- name: Update pamd rule's control in /etc/pam.d/cups
pamd:
name: cups

View File

@ -1,4 +1,5 @@
---
- include_tasks: prepare.yml
- include_tasks: install.yml
- include_tasks: selinux.yml
when: ansible_selinux.status == "enabled"

18
tasks/prepare.yml Normal file
View File

@ -0,0 +1,18 @@
---
- block:
- name: Create system groups
group:
name: "{{ item }}"
state: present
loop: "{{ cups_system_groups }}"
- name: Create cups admin users
user:
comment: Cups Admin
name: "{{ item.name }}"
password: "{{ item.password | password_hash('sha512', inventory_hostname) }}"
groups: "{{ cups_admin_group }}"
state: present
loop: "{{ cups_admin_users }}"
become: True
become_user: root