user模块:
user模块用于管理用户账户和用户属性。
如果是windows要换一个win_user模块。
创建用户:present:
[root@localhost ~]# ansible group1 -m user -a "name=aaa state=present"
192.168.17.106 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1000,
"home": "/home/aaa",
"name": "aaa",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1000
}
192.168.17.105 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"comment": "",
"create_home": true,
"group": 1000,
"home": "/home/aaa",
"name": "aaa",
"shell": "/bin/bash",
"state": "present",
"system": false,
"uid": 1000
}
[root@agent1 tmp]# id aaa
uid=1000(aaa) gid=1000(aaa) groups=1000(aaa)
[root@agent2 ~]# id aaa
uid=1000(aaa) gid=1000(aaa) groups=1000(aaa)
更改用户uid::这些内容都是Linux基础。
[root@localhost ~]# ansible group1 -m user -a "name=aaa uid=2000"
192.168.17.106 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": false,
"comment": "",
"group": 1000,
"home": "/home/aaa",
"move_home": false,
"name": "aaa",
"shell": "/bin/bash",
"state": "present",
"uid": 2000
}
192.168.17.105 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": false,
"comment": "",
"group": 1000,
"home": "/home/aaa",
"move_home": false,
"name": "aaa",
"shell": "/bin/bash",
"state": "present",
"uid": 2000
}
更改用户的属性:那这块还需要自己再进一步的分析:
[root@localhost ~]# ansible group1 -m user -a "name=aaa home=/data/haha shell=/bin/false comment=@_@"
192.168.17.106 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": true,
"comment": "@_@",
"group": 1000,
"home": "/data/haha",
"move_home": false,
"name": "aaa",
"shell": "/bin/false",
"state": "present",
"uid": 2000
}
192.168.17.105 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"append": false,
"changed": true,
"comment": "@_@",
"group": 1000,
"home": "/data/haha",
"move_home": false,
"name": "aaa",
"shell": "/bin/false",
"state": "present",
"uid": 2000
}
然后到agent机器上检查:
[root@agent1 tmp]# cat /etc/passwd |grep aaa
aaa:x:2000:1000:@_@:/data/haha:/bin/false
删除用户:
[root@localhost ~]# ansible group1 -m user -a "name=aaa state=absent" 192.168.17.106 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "aaa",
"remove": false,
"state": "absent"
}
192.168.17.105 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "aaa",
"remove": false,
"state": "absent"
}
然后再到agent的机器上检查,可见用户已删除:
[root@agent1 tmp]# id aaa
id: aaa: no such user
[root@agent1 tmp]# grep aaa /etc/passwd
[root@agent1 tmp]#
删除用户的时候需要注意删除家目录的问题:
删除家目录的场景:
[root@localhost ~]# ansible group1 -m user -a "name=bbb state=absent remove=yes"
192.168.17.105 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "bbb",
"remove": true,
"state": "absent"
}
192.168.17.106 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"force": false,
"name": "bbb",
"remove": true,
"state": "absent"
}
[root@agent1 tmp]# cd /home/bbb
-bash: cd: /home/bbb: No such file or directory
这两个,如果工作中需要可以试下。