【发布时间】:2016-12-27 19:08:46
【问题描述】:
我正在尝试在运行 ubuntu-16.04 Xenial 的 vagrant 虚拟机上创建一个新用户 deployer。用户创建似乎工作(用户名添加到/etc/passwd)
$ cat /etc/passwd | grep deployer
deployer1:x:1001:1001::/home/deployer1:/bin/bash
deployer2:x:1002:1003::/home/deployer2:
deployer1000:x:1003:1004::/home/deployer1000:/bin/bash
deployershell:x:1004:1005::/home/deployershell:/bin/bash
但是我无法通过ssh直接登录:
$ ssh deployer@local-box-2
deployer@local-box-2's password:
Permission denied, please try again.
deployer@local-box-2's password:
Permission denied, please try again.
在与现有用户 vagrant 进行 ssh-ing 后,也不通过 su deployer:
vagrant@local-box-2:~$ su deployer
Password:
su: Authentication failure
我尝试使用 ad-hoc ansible 命令创建用户:
$ ansible all -m user -a 'name=deployer group=admin update_password=always password=rawpass2 state=present shell=/bin/bash force=yes' -u vagrant -b -vvvv
local-box-2 | SUCCESS => {
"append": false,
"changed": true,
"comment": "",
"group": 1001,
"home": "/home/deployer",
"invocation": {
"module_args": {
"append": false,
"comment": null,
"createhome": true,
"expires": null,
"force": true,
"generate_ssh_key": null,
"group": "admin",
"groups": null,
"home": null,
"login_class": null,
"move_home": false,
"name": "deployer1",
"non_unique": false,
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"remove": false,
"seuser": null,
"shell": "/bin/bash",
"skeleton": null,
"ssh_key_bits": 0,
"ssh_key_comment": "ansible-generated on local-box-2",
"ssh_key_file": null,
"ssh_key_passphrase": null,
"ssh_key_type": "rsa",
"state": "present",
"system": false,
"uid": null,
"update_password": "always"
},
"module_name": "user"
},
"move_home": false,
"name": "deployer",
"password": "NOT_LOGGING_PASSWORD",
"shell": "/bin/bash",
"state": "present",
"uid": 1001
}
并通过运行剧本
$ ansible-playbook local-box.yml
- name: Add 'deployer' user
hosts: local-box-2
gather_facts: false
remote_user: vagrant
become: true
become_method: sudo
become_user: root
tasks:
- remote_user: vagrant
become: true
become_method: sudo
become_user: root
group:
name: admin
state: present
- remote_user: vagrant
become: true
become_method: sudo
become_user: root
user:
name: deployer
groups: admin
append: yes
shell: /bin/bash
password: rawpass2
state: present
同样,两者都创建用户,但显然他们都没有设置密码。
你的原因可能是什么?
后期编辑:
显然,如果我将原始密码传递给散列过滤器,那么我将能够使用(未散列的)原始密码登录。我想解释一下为什么会这样。
password: "{{ 'rawpass2' | password_hash('sha512') }}"
注意: answer 给了我尝试使用过滤器的想法。
【问题讨论】:
-
那么这里的问题是什么? Ansible 文档清楚地说明了要求。 docs.ansible.com/ansible/user_module.html 并给出docs.ansible.com/ansible/…
标签: vagrant ansible ansible-playbook ubuntu-16.04 ansible-2.x