Example 3: Update passwords by passwordstore
Update passwords of users at host test_01. New passwords will be
created by the pass
utility and will be stored in
passwordstore
. Use the same playbook and variables as in
Example 1. Remove the attributes userpass
from the variable
lp_users. The only required attribute is the name
of the user.
shell> cat host_vars/test_01/lp-users.yml
lp_users:
- name: user1
- name: user2
Update the passwords
shell> ansible-playbook lp.yml -t lp_passwords \
-e lp_passwordstore_create=True \
-e lp_passwordstore_overwrite=True
...
TASK [vbotka.linux_postinstall : users: Manage user accounts] **********
changed: [test_01] => (item=user1)
changed: [test_01] => (item=user2)
The command is idempotent
shell> ansible-playbook lp.yml -t lp_passwords
...
PLAY RECAP *************************************************************
test_01: ok=18 changed=0 unreachable=0 failed=0 skipped=20 rescued=0 ...
Show the passwords stored in passwordstore at the controller
shell> pass test_01
test_01
├── user1
└── user2
shell> pass test_01/user1
A,5bH5NtdYQ9FCO:
lookup_pass: First generated by ansible on 01/07/2020 16:59:00
shell> pass test_01/user2
gUp-cn5C.cse6Cx0
lookup_pass: First generated by ansible on 01/07/2020 16:59:00
See the passwordstore log at the controller git log
and test the
new passwords at test_01.