cron – Manage cron.d and crontab entries
user – Manage user accounts
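The user module calls the three commands useradd, userdel, and usermod (to view user and group information, see Appendix A below).
home: specifies the user's home directory; must be used together with createhome
groups: specifies the groups the user belongs to
uid: specifies the user's uid
password: specifies the user's password
name: specifies the user name
createhome: whether to create the home directory, yes|no
system: whether the user is a system user
remove: when state=absent, remove=yes also deletes the home directory, equivalent to userdel -r
state: whether to create or delete the user
shell: specifies the user's shell
user module: creating users in bulk
Examples of creating users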
[root@ansible-server ansible]# ansible 10.192.27.115 -m user -a "name=user01"
10.192.27.115 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 1001,
    "home": "/home/user01",
    "name": "user01",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 1001
}
[root@ansible-server ansible]# ansible 10.192.27.115 -m user -a "name=user02 uid=6666"
10.192.27.115 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 6666,
    "home": "/home/user02",
    "name": "user02",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 6666
}
[root@ansible-server ansible]# ansible 10.192.27.115 -m user -a "name=user03 group=user02"
10.192.27.115 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 6666,
    "home": "/home/user03",
    "name": "user03",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 6667
}
[root@ansible-server ansible]# ansible 10.192.27.115 -m user -a "name=user04 group=user02"
10.192.27.115 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 6666,
    "home": "/home/user04",
    "name": "user04",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 6668
}
[root@ansible-server ansible]# ansible 10.192.27.115 -m user -a "name=rsync create_home=no shell=/sbin/nologin"
10.192.27.115 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": false,
    "group": 6669,
    "home": "/home/rsync",
    "name": "rsync",
    "shell": "/sbin/nologin",
    "state": "present",
    "system": false,
    "uid": 6669
}
[root@ansible-server ansible]#
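P.S.: to set a password with Ansible, the plaintext password must first be converted into its hashed form.
Method 1 for generating the hashed password (note: -i is the target host list, -m specifies the module name):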
[root@ansible-server ansible]# ansible all -i localhost, -m debug -a "msg={{'123123'| password_hash('sha512','mysecretsalt')}}" # salted with an arbitrary string, 'mysecretsalt'
localhost | SUCCESS => {
    "msg": "$6$mysecretsalt$i1SC5GcBrPyglwJHNJ0JdF8d5E68l6AN6nEL8gDwsyHZJsK.kSfSnasPq0Ubpd/aAkT1NZz1B137UXrR2dKmv."
}
[root@ansible-server ansible]#
[root@ansible-server ansible]# python -c "from passlib.hash import sha512_crypt; import getpass; print(sha512_crypt.using(rounds=5000).hash(getpass.getpass()))"
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ImportError: No module named passlib.hash
# this module is not installed locally (no network access, so it could not be installed)
[root@ansible-server ansible]#
4. Set a password for a specified user
[root@ansible-server ansible]# ansible all -i localhost, -m debug -a "msg={{ '123123' | password_hash('sha512','haha')}}"
localhost | SUCCESS => {
    "msg": "$6$haha$3APjmPSwU.G/F8lE2n68TelpABeSX2S9KgMrMpqOsSbdqdC1tOvDaSB6FREobIxIPVKGvzF/imgHPusOJkWI.1"
}
[root@ansible-server ansible]# ansible 10.192.27.115 -m user -a 'name=user05 password=$6$haha$3APjmPSwU.G/F8lE2n68TelpABeSX2S9KgMrMpqOsSbdqdC1tOvDaSB6FREobIxIPVKGvzF/imgHPusOJkWI.1'
10.192.27.115 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 6670,
    "home": "/home/user05",
    "name": "user05",
    "password": "NOT_LOGGING_PASSWORD",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 6670
}
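The password_hash calls above pass a fixed salt ('mysecretsalt', 'haha'), so every account provisioned that way carries the same salt in /etc/shadow. The following audit is an added example, not part of the original page: it parses shadow-format lines and flags short salts, salts shared between accounts, and password fields that are not crypt hashes. The sample entries other than user05's hash, the finding names and the min_salt_len threshold are assumptions.

```python
import re
from collections import defaultdict

# Modular crypt format as stored in /etc/shadow: $id$[rounds=N$]salt$digest
MCF = re.compile(r"^\$(?P<id>[0-9a-z]+)\$(?:rounds=(?P<rounds>\d+)\$)?"
                 r"(?P<salt>[^$]*)\$(?P<digest>[./0-9A-Za-z]+)$")
SCHEMES = {"1": "md5_crypt", "5": "sha256_crypt", "6": "sha512_crypt"}

def parse_crypt(value):
    """Split a crypt(3) string into its parts; None if it is not in crypt format."""
    m = MCF.match(value)
    if m is None:
        return None
    return {"scheme": SCHEMES.get(m["id"], "unknown"), "salt": m["salt"],
            "rounds": int(m["rounds"]) if m["rounds"] else None}

def audit_shadow(lines, min_salt_len=8):  # min_salt_len: assumed local policy
    """Return {user: [findings]} for shadow-format lines (user:password:...)."""
    findings, by_salt = defaultdict(list), defaultdict(list)
    for line in lines:
        user, field = line.split(":")[:2]
        if field == "" or field[0] in "!*":
            continue                      # empty or locked: nothing to parse
        parsed = parse_crypt(field)
        if parsed is None:                # e.g. plaintext passed to password=
            findings[user].append("not-a-crypt-hash")
            continue
        if parsed["scheme"] != "sha512_crypt":
            findings[user].append("weak-scheme:" + parsed["scheme"])
        if len(parsed["salt"]) < min_salt_len:
            findings[user].append("short-salt")
        by_salt[parsed["salt"]].append(user)
    for users in by_salt.values():        # a fixed salt repeats across accounts
        for user in users if len(users) > 1 else []:
            findings[user].append("shared-salt")
    return dict(findings)

# Constructed sample: user05 carries the hash shown on this page; all other entries are made up.
PAGE_HASH = ("$6$haha$3APjmPSwU.G/F8lE2n68TelpABeSX2S9KgMrMpqOsSbdqdC1tOvDaSB6"
             "FREobIxIPVKGvzF/imgHPusOJkWI.1")
SAMPLE = [
    "user05:" + PAGE_HASH + ":19000:0:99999:7:::",
    "user06:$6$haha$" + "A" * 86 + ":19000:0:99999:7:::",
    "user07:123123:19000:0:99999:7:::",
    "user08:$6$rounds=656000$Zk3v9QxT1mPw7LdR$" + "B" * 86 + ":19000:0:99999:7:::",
    "rsync:!!:19000:0:99999:7:::",
]
if __name__ == "__main__":
    print(audit_shadow(SAMPLE))
```

Calling password_hash('sha512') without a salt argument lets Ansible pick a random salt per hash, which clears the short-salt and shared-salt findings.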
group module
The group module calls the three commands groupadd, groupdel, and groupmod.
yum module (Packaging modules)
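Appendix A: How do you view all user and group information on Linux?
[Step 1] cat /etc/passwd shows all user information; details are shown in the figure below
cat /etc/passwd|grep <username> looks up a specific user, as shown in the figure below
cat /etc/group shows all group information, as shown in the figure below
cat /etc/group|grep <group name> looks up a specific group, as shown in the figure below
groups: shows the group membership of the currently logged-in user
groups test: shows the groups the user test belongs to, and the group members
whoami: shows the name of the currently logged-in user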