Question

我知道这听起来很奇怪。但是我需要在正确设置我的Playbook后删除当前用户。

我有一个更新服务器并正确配置用户和管理员的手册。我使用给定的用户成为root并设置admin我的主要sudoer。

只有在不是ansible_ssh_user或root的情况下，我才需要删除游戏手册末尾的admin？

以下解决方案不起作用

---
- hosts: all
  become: yes
  become_user: root


  tasks:
    - include_vars: secrets.yml

    - name: add admin user
      user: name={{ ADMIN_USERNAME }} password={{ ADMIN_PASSWORD | password_hash('sha512') }} shell=/bin/bash

    - name: delete current sudoer if not admin or root
      user: name={{ ansible_ssh_user }} state=absent remove=yes
      when: ({{ ansible_ssh_user }}!={{ ADMIN_USERNAME }}) or ({{ ansible_ssh_user }}!={{ ADMIN_USERNAME }})

它返回：

userdel: user admin is currently used by process 23537

Answer 1

您可以尝试运行asynchronous shell command为您完成工作。

- name: delete user
  command: sleep 10 && deluser foo
  async: 0
  poll: 0
  ignore_errors: true

在理论中，这将起作用

Answer 2

为时已晚，但是为了以后参考，我已经完成了以下两项任务：

# first change the current ssh user to the new user
- name: user | switch current user to {{ new_user }}
  set_fact:
     current_user: "{{ ansible_user }}"
     ansible_user: "{{ new_user }}"

# force remove the old user
- name: user | remove current user ({{ current_user }}) if it's not "{{ new_user }}"
  become: yes
  user:
    name: "{{ current_user }}"
    state: absent
    remove: yes
    force: yes
  when: "current_user != new_user"

如何用ansible删除当前的sudoer？

2 个答案: