自动化管理工具Saltstack之用户管理篇(6)
1.添加用户
/srv/salt/top.sls
base:
'10.0.10.100':
- user.useradd
/srv/salt/user/useradd.slsjim:
user.present:
- fullname: jim
- shell: /bin/bash
- password: '$6$hyxchyxc$r2R3uQcnhIl8QSg7WrmojiJqRhD0s6KVYGvXZCswGwW9GDeLF4mhdQJ/Pq8ccWkdzkyYSpxnGqxciMJ53WPI//'
- home: /home/jim
- uid: 650
- gid: 650
- groups:
- jim
- root
- require:
- group: jim
group.present:
- gid: 650
命令行执行如下命令完成用户创建
salt '10.0.10.100' state.highstate #使用state.highstate,必须有且配置/srv/salt/top.sls或直接
salt '10.0.10.100' state.sls user.useradd #直接使用编写的state.sls
如何生成用户哈希密码?
方法1.可再命令行通过如下命令生产哈希密码
python -c "import crypt; print crypt.crypt('password', '\$6\$hyxchyxc')"
其中$6代表sha512
哈希类型支持如下几种:
Type Length
====== ======
$6 sha512 128
$5 sha384 96
$4 sha256 64
$3 sha224 56
$2 sha1 40
$1 md5 32
方法2.在命令行执行如下命令
salt '10.0.10.100' shadow.gen_password 'password' 默认为sha512
2.批量创建用户
/srv/salt/user/usersadd.sls
{% set users = ['jim','hwg','hyxc'] %} #采用jinja语言
{% for user in users %}
{{ user }}:
user.present:
- shell: /bin/bash
- password: '$6$hyxchyxc$r2R3uQcnhIl8QSg7WrmojiJqRhD0s6KVYGvXZCswGwW9GDeLF4mhdQJ/Pq8ccWkdzkyYSpxnGqxciMJ53WPI//'
- gid: 650
- groups:
- jim
{% endfor %}
3.删除用户
/srv/salt/user/userdel.sls
jim:
user.absent:
- purge: Ture
- force: Ture
4.修改用户密码
显示用户密码信息
salt '10.0.10.100' shadow.info root
设置或更改用户密码
salt '10.0.10.100' shadow.set_password hwg '$6$hyxchyxc$r2R3uQcnhIl8QSg7WrmojiJqRhD0s6KVYGvXZCswGwW9GDeLF4mhdQJ/Pq8ccWkdzkyYSpxnGqxciMJ53WPI//'
删除用户密码,删除后可无密码登陆
salt '10.0.10.100' shadow.del_password hwg
5.查看用户信息
显示所有用户列表
salt '10.0.10.100' user.list_users
显示指定用户信息
salt '10.0.10.100' user.info root
salt '10.0.10.100' shadow.info root