[libvirt] [jenkins-ci PATCH 8/3] guests: Centralize user creation and configuration
We already have a separate task for creating the non-root user,
so it makes sense to move everything related to the root user to
that taks as well.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
guests/site.yml | 2 +-
guests/tasks/base.yml | 20 --------------------
guests/tasks/{user.yml => users.yml} | 20 ++++++++++++++++++++
3 files changed, 21 insertions(+), 21 deletions(-)
rename guests/tasks/{user.yml => users.yml} (67%)
diff --git a/guests/site.yml b/guests/site.yml
index a00be86..351e575 100644
--- a/guests/site.yml
+++ b/guests/site.yml
@@ -31,7 +31,7 @@
state: absent
# Create users. This needs to happen after installing base packages
- - include: tasks/user.yml
+ - include: tasks/users.yml
# Install build dependencies for each project
- include: tasks/packages.yml
diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml
index debf6e4..33681b4 100644
--- a/guests/tasks/base.yml
+++ b/guests/tasks/base.yml
@@ -121,26 +121,6 @@
hostname:
name: '{{ inventory_hostname }}'
-- name: Configure ssh access for the root user
- authorized_key:
- user: root
- key: '{{ lookup("file", lookup("env", "HOME") +
"/.ssh/id_rsa.pub") }}'
- state: present
-
-- name: Configure root password and shell
- user:
- name: root
- password: '{{ lookup("file", root_password_file) }}'
- shell: '{{ bash }}'
-
-- name: Disable password authentication for the root user
- lineinfile:
- path: /etc/ssh/sshd_config
- regexp: '^#*\s*PermitRootLogin\s*.*$'
- line: 'PermitRootLogin without-password'
- state: present
- backup: yes
-
- name: Look for GRUB2 configuration
stat:
path: /etc/default/grub
diff --git a/guests/tasks/user.yml b/guests/tasks/users.yml
similarity index 67%
rename from guests/tasks/user.yml
rename to guests/tasks/users.yml
index 3db5258..6134228 100644
--- a/guests/tasks/user.yml
+++ b/guests/tasks/users.yml
@@ -1,4 +1,24 @@
---
+- name: 'root: Set password'
+ user:
+ name: root
+ password: '{{ lookup("file", root_password_file) }}'
+ shell: '{{ bash }}'
+
+- name: 'root: Configure ssh access'
+ authorized_key:
+ user: root
+ key: '{{ lookup("file", lookup("env", "HOME") +
"/.ssh/id_rsa.pub") }}'
+ state: present
+
+- name: 'root: Disable ssh password authentication'
+ lineinfile:
+ path: /etc/ssh/sshd_config
+ regexp: '^#*\s*PermitRootLogin\s*.*$'
+ line: 'PermitRootLogin without-password'
+ state: present
+ backup: yes
+
- name: '{{ flavor }}: Create user account'
user:
name: '{{ flavor }}'
--
2.14.3