Handle 'groups=' (empty string) in user module (Linux)
Makes it possible to remove a user from all but the primary group. Setting 'groups=' is the equivalent to passing '-G ""' to useradd/usermod, which is interpreted as "no group" on Linux.
This commit is contained in:
parent
19f3cf45f4
commit
8f70883541
1 changed files with 27 additions and 18 deletions
45
library/user
45
library/user
|
@ -48,7 +48,9 @@ options:
|
||||||
groups:
|
groups:
|
||||||
required: false
|
required: false
|
||||||
description:
|
description:
|
||||||
- Puts the user in this comma-delimited list of groups.
|
- Puts the user in this comma-delimited list of groups. When set to
|
||||||
|
the empty string ('groups='), the user is removed from all groups
|
||||||
|
except the primary group.
|
||||||
append:
|
append:
|
||||||
required: false
|
required: false
|
||||||
description:
|
description:
|
||||||
|
@ -249,9 +251,10 @@ class User(object):
|
||||||
cmd.append(self.group)
|
cmd.append(self.group)
|
||||||
|
|
||||||
if self.groups is not None:
|
if self.groups is not None:
|
||||||
for g in self.groups.split(','):
|
if self.groups != '':
|
||||||
if not self.group_exists(g):
|
for g in self.groups.split(','):
|
||||||
self.module.fail_json(msg="Group %s does not exist" % (g))
|
if not self.group_exists(g):
|
||||||
|
self.module.fail_json(msg="Group %s does not exist" % (g))
|
||||||
cmd.append('-G')
|
cmd.append('-G')
|
||||||
cmd.append(self.groups)
|
cmd.append(self.groups)
|
||||||
|
|
||||||
|
@ -301,23 +304,29 @@ class User(object):
|
||||||
|
|
||||||
if self.groups is not None:
|
if self.groups is not None:
|
||||||
current_groups = self.user_group_membership()
|
current_groups = self.user_group_membership()
|
||||||
groups = self.groups.split(',')
|
|
||||||
for g in groups:
|
|
||||||
if not self.group_exists(g):
|
|
||||||
self.module.fail_json(msg="Group %s does not exist" % (g))
|
|
||||||
|
|
||||||
group_diff = set(sorted(current_groups)).symmetric_difference(set(sorted(groups)))
|
|
||||||
groups_need_mod = False
|
groups_need_mod = False
|
||||||
|
groups = []
|
||||||
|
|
||||||
if group_diff:
|
if self.groups == '':
|
||||||
if self.append:
|
if current_groups and not self.append:
|
||||||
for g in groups:
|
|
||||||
if g in group_diff:
|
|
||||||
cmd.append('-a')
|
|
||||||
groups_need_mod = True
|
|
||||||
break
|
|
||||||
else:
|
|
||||||
groups_need_mod = True
|
groups_need_mod = True
|
||||||
|
else:
|
||||||
|
groups = self.groups.split(',')
|
||||||
|
for g in groups:
|
||||||
|
if not self.group_exists(g):
|
||||||
|
self.module.fail_json(msg="Group %s does not exist" % (g))
|
||||||
|
|
||||||
|
group_diff = set(sorted(current_groups)).symmetric_difference(set(sorted(groups)))
|
||||||
|
|
||||||
|
if group_diff:
|
||||||
|
if self.append:
|
||||||
|
for g in groups:
|
||||||
|
if g in group_diff:
|
||||||
|
cmd.append('-a')
|
||||||
|
groups_need_mod = True
|
||||||
|
break
|
||||||
|
else:
|
||||||
|
groups_need_mod = True
|
||||||
|
|
||||||
if groups_need_mod:
|
if groups_need_mod:
|
||||||
cmd.append('-G')
|
cmd.append('-G')
|
||||||
|
|
Loading…
Reference in a new issue