diff --git a/examples/playbooks/user_commands.yml b/examples/playbooks/user_commands.yml
index 4d66dd392af..07e4c167bf7 100644
--- a/examples/playbooks/user_commands.yml
+++ b/examples/playbooks/user_commands.yml
@@ -13,7 +13,7 @@
 # Walk through account creation, modification, and deletion
 - name: test basic user account creation
- action: user name=tset comment=TsetUser gid=100 shell=/sbin/nologin createhome=no
+ action: user name=tset comment=TsetUser group=100 shell=/sbin/nologin createhome=no
 # the following is just a simple example of how you don't have to include # the 'name' element for each task
diff --git a/library/user b/library/user
index 5f77cac1233..cd9d5871742 100755
--- a/library/user
+++ b/library/user
@@ -23,6 +23,7 @@ except ImportError:
 import simplejson as json
 import os
 import pwd
+import grp
 import shlex
 import spwd
 import subprocess
@@ -54,7 +55,7 @@ def add_user_info(kwargs):
 kwargs['state'] = 'present'
 info = user_info(name)
 kwargs['uid'] = info[2]
- kwargs['gid'] = info[3]
+ kwargs['group'] = info[3]
 kwargs['comment'] = info[4]
 kwargs['home'] = info[5]
 kwargs['shell'] = info[6]
@@ -84,9 +85,12 @@ def user_add(user, **kwargs):
 if key == 'uid' and kwargs[key] is not None:
 cmd.append('-u')
 cmd.append(kwargs[key])
- elif key == 'gid' and kwargs[key] is not None:
- cmd.append('-g')
- cmd.append(kwargs[key])
+ elif key == 'group' and kwargs[key] is not None:
+ if group_exists(kwargs[key]):
+ cmd.append('-g')
+ cmd.append(kwargs[key])
+ else:
+ fail_json(msg="Group %s does not exist" % (kwargs[key]))
 elif key == 'comment' and kwargs[key] is not None:
 cmd.append('-c')
 cmd.append(kwargs[key])
@@ -121,10 +125,14 @@ def user_mod(user, **kwargs):
 if kwargs[key] is not None and info[2] != int(kwargs[key]):
 cmd.append('-u')
 cmd.append(kwargs[key])
- elif key == 'gid':
- if kwargs[key] is not None and info[3] != int(kwargs[key]):
- cmd.append('-g')
- cmd.append(kwargs[key])
+ elif key == 'group' and kwargs[key] is not None:
+ if group_exists(kwargs[key]):
+ ginfo = group_info(group)
+ if info[3] != ginfo[2]:
+ cmd.append('-g')
+ cmd.append(kwargs[key])
+ else:
+ fail_json(msg="Group %s does not exist" % (kwargs[key]))
 elif key == 'comment':
 if kwargs[key] is not None and info[4] != kwargs[key]:
 cmd.append('-c')
@@ -152,6 +160,25 @@ def user_mod(user, **kwargs):
 else:
 return False
+def group_exists(group):
+ try:
+ if group.isdigit():
+ if grp.getgrgid(group):
+ return True
+ else:
+ if grp.getgrnam(group):
+ return True
+ except KeyError:
+ return False
+
+def group_info(group):
+ if not group_exists(group):
+ return False
+ if group.isdigit():
+ return list(grp.getgrgid(group))
+ else:
+ return list(grp.getgrnam(group))
+
 def user_exists(user):
 try:
 if pwd.getpwnam(user):
@@ -204,7 +231,7 @@ for x in items:
 state = params.get('state','present')
 name = params.get('name', None)
 uid = params.get('uid', None)
-gid = params.get('gid', None)
+group = params.get('group', None)
 comment = params.get('comment', None)
 home = params.get('home', None)
 shell = params.get('shell', None)
@@ -234,11 +261,11 @@ if state == 'absent':
 exit_json(name=name, changed=changed, force=force, remove=remove)
 elif state == 'present':
 if not user_exists(name):
- changed = user_add(name, uid=uid, group=group, comment=comment,
+ changed = user_add(name, uid=uid, group=group, comment=comment,
 home=home, shell=shell, password=password,
 createhome=createhome)
 else:
- changed = user_mod(name, uid=uid, gid=gid, comment=comment,
+ changed = user_mod(name, uid=uid, group=group, comment=comment,
 home=home, shell=shell, password=password)
 if password is not None:
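Review bot: In the new `group` branch of user_mod, `ginfo = group_info(group)` reads a name `group` that is neither a parameter nor a local of `user_mod(user, **kwargs)`. It resolves only through the module-level `group` assigned near the bottom of the file, so the function breaks or compares against the wrong group as soon as it is called with a value that did not come from that global. The branch already validates `kwargs[key]`, so look up the same value: `ginfo = group_info(kwargs[key])`. The primary group decides which files the account can reach, so the comparison should be tied to the group the caller actually asked for. user_mod's body starts and ends outside this hunk.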
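Review bot: `group_exists` and `group_info` hand the string `group` straight to `grp.getgrgid()`, which takes a numeric gid; newer Python versions raise TypeError for a non-integer argument, so the numeric path should convert first with `int(group)`. `group_exists` also returns None instead of False when a lookup succeeds with a falsy result, and `group_info` queries the group database twice for every call (once through `group_exists`, once for the value it returns). Doing a single lookup in `group_info` and deriving `group_exists` from it removes both problems and keeps the existing False-on-missing contract. A one-line comment stating that `group` may be a group name or a numeric gid given as a string would help the next reader.

```python
def group_info(group):
    # group is a group name or a numeric gid given as a string
    try:
        if group.isdigit():
            return list(grp.getgrgid(int(group)))
        return list(grp.getgrnam(group))
    except KeyError:
        return False

def group_exists(group):
    return group_info(group) is not False
```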
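Review bot: After this rename, a playbook that still passes `gid=` is no longer read: `params.get('group', None)` returns None and nothing in this hunk reports the leftover `gid` key. The account would then be created or left with whatever primary group the system picks by default, which is a silent change in file-access rights rather than a visible failure. Either keep accepting the old name, `group = params.get('group', params.get('gid', None))`, or fail explicitly when `gid` is present. Whether unknown keys are rejected earlier in the file cannot be seen from this hunk.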