Verified Commit 5492d679 authored by Evangelos Foutras's avatar Evangelos Foutras 🐱
Browse files

archusers: Allow overriding users' shell setting

Useful for mail.archlinux.org where this setting doesn't matter since we
force the SSH command to passwd and zsh was removed as part of the tools
cleanup effort recently (stops shadow.service from complaining about zsh
missing).
parent dc3436a8
Pipeline #11719 passed with stage
in 35 seconds
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
- { role: rspamd, rspamd_dkim_domain: archlinux.org, tags: ["mail"] } - { role: rspamd, rspamd_dkim_domain: archlinux.org, tags: ["mail"] }
- { role: unbound, unbound_port: 5353, tags: ["mail"] } - { role: unbound, unbound_port: 5353, tags: ["mail"] }
- { role: postfwd, tags: ['mail'] } - { role: postfwd, tags: ['mail'] }
- { role: archusers, archusers_ssh_options: 'command="/usr/bin/passwd",restrict,pty' } - { role: archusers, shell_override: '/bin/bash', archusers_ssh_options: 'command="/usr/bin/passwd",restrict,pty' }
- { role: fail2ban } - { role: fail2ban }
- { role: prometheus_exporters } - { role: prometheus_exporters }
- { role: promtail } - { role: promtail }
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
group: users group: users
groups: "{{ item.value.groups | join(',') }}" groups: "{{ item.value.groups | join(',') }}"
comment: "{{ item.value.name }}" comment: "{{ item.value.name }}"
shell: "{{ item.value.shell | default('/bin/bash') }}" shell: "{{ shell_override | default(item.value.shell | default('/bin/bash')) }}"
password: "" password: ""
update_password: on_create update_password: on_create
state: present state: present
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment