본문 바로가기

퍼블릭 클라우드

[Ansible] shell, command, yum, user 모듈

반응형

Ansible shell, command, yum, user 모듈

Ansible에서 모듈 사용법

shell 모듈

$ ansible db1 -m shell -a "free -h"
db1 | CHANGED | rc=0 >>
              total        used        free      shared  buff/cache   available
Mem:           3.8G        162M        2.7G        540K        997M        3.4G
Swap:            0B          0B          0B

command 모듈

$ ansible db1 -m command -a "cat /etc/passwd"
db1 | CHANGED | rc=0 >>
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
...
ec2-user:x:1000:1000:EC2 Default User:/home/ec2-user:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin

yum 모듈

$ ansible db1 -m yum -a "name=httpd state=present"
db1 | SUCCESS => {
    "ansible_facts": {
        "pkg_mgr": "yum"
    },
    "changed": false,
    "msg": "",
    "rc": 0,
    "results": [
        "httpd-2.4.46-1.amzn2.x86_64 providing httpd is already installed"
    ]
}

user 모듈

- 패스워드 평문으로 입력

   ansible db1 -m user -b -K -a "user=a_username password=a_password"

$ ansible db1 -m user -b -K -a "user=a_username password=a_password"
BECOME password:
[WARNING]: The input password appears not to have been hashed. The 'password' argument must be encrypted for this module to work properly.
db1 | CHANGED => {
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 1001,
    "home": "/home/a_username",
    "name": "a_username",
    "password": "NOT_LOGGING_PASSWORD",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 1001
}

$ ansible db1 -m command -a "cat /etc/passwd" | grep a_username
a_username:x:1001:1001::/home/a_username:/bin/bash

$ cat /etc/shadow
...
a_username:a_password:18774:0:99999:7:::

- 패스워드 암호화

   ansible db1 -m user -b -K -a "user=b_username password={{'b_password'|password_hash('sha512')}}"

$ ansible db1 -m user -b -K -a "user=b_username password={{'b_password'|password_hash('sha512')}}"
BECOME password:
db1 | CHANGED => {
    "append": false,
    "changed": true,
    "comment": "",
    "group": 1002,
    "home": "/home/b_username",
    "move_home": false,
    "name": "b_username",
    "password": "NOT_LOGGING_PASSWORD",
    "shell": "/bin/bash",
    "state": "present",
    "uid": 1002
}

$ cat /etc/shadow
...
a_username:a_password:18774:0:99999:7:::
b_username:$6$HbM2JvTsgnslgrHT$hUVk06b3EamCaTRnghtSv0YZO9uUKcpoAdn8ls6SQ1:18774:0:99999:7:::

 

https://docs.ansible.com/ansible/2.8/modules/user_module.html?highlight=user 

 

user – Manage user accounts — Ansible Documentation

Docs » user – Manage user accounts You are reading an unmaintained version of the Ansible documentation. Unmaintained Ansible versions can contain unfixed security vulnerabilities (CVE). Please upgrade to a maintained version. See the latest Ansible doc

docs.ansible.com

 

 

728x90
반응형