Saltstack User Management

The recent Test team came a big wave, the most company test that must have a QA environment, Test team boss and I have a good relationship, they group many people to Linux also know very well, usually get a thing what can also do their own, Ruanmoyingpao plus recently really busy to them to configure the Jenkins and opened the QA Environment user rights, Let's say saltstack user management.

Simply a small example, recorded. For the user management module of the various functions and parameters can see the official website or source code.

Demand is such a 4 different users, unified password, home directory What's casual, this for salt, simply TM too simple

We used the pillar.

[email protected]/srv/pillar# cat user/user.slsusers:-Username:bianji bash:/bin/bash uid:1024 password: ' $ 1$ukfpoat9$j7t83r38iwranyaz/yo1t1 '-username:zhaochunyu bash:/bin/bash uid:1025 password: ' $1$ukfpoat9$j7t83 R38iwranyaz/yo1t1 '

Very simply, I defined the username UID as well as bash and password. Note that this password is hash after, MD official online write set hash What I remember, thought to use Python hashlib generated cipher string. The result is two ... This password is using OpenSSL encryption.

The generated method:

OpenSSL passwd-l

Then let you output two times the password will generate an encryption string, we paste into the inside, and then refresh the pillar data, see the state file of the wording

{% for eachuser in pillar[' users ']%} {{Eachuser.username}}: User.present:-Name: {{eachuser.username}}-uid: {{eachuser.uid}}-bash: {{each User.bash}}-Password: {{Eachuser.password}}{% endfor%}

We all know pillar is a data structure is a dict

pillar[' users ' you know.

Create the user we use the present function of the user module, this is states under the AH! It's useradd.py under the modules.

Look at the supported parameters.

153 def present (name,154              uid=none,155             gid=none,156              gid_from_name=False,157              groups=None,158              optional_groups=None,159              remove_groups=True,160              home=None,161              createhome=True,162              password=None,163              enforce_password=true,164             empty_password=false,165              shell=None,166              unique=True,167              system=False,168              fullname=None,169              roomnumber=None,170              Workphone=none,171             homephone=none ,172             date=none,173              mindays=None,174              maxdays=None,175              inactdays=None,176              Warndays=none,177             expire=none) :178      ""

According to the requirements to write to the states file, I here the need is relatively simple, so naturally did not write so many pull. The for if endif endfor in the file is Python's Jinja syntax, and I don't know much about it.

OK, let's see the results.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/5B/EB/wKioL1UWwtOitvxOAAJrxoR7ENM906.jpg "title=" 333. PNG "alt=" wkiol1uwwtoitvxoaajrxor7enm906.jpg "/> I like Saltstack recently also in the use of SALT-API and flask to complete the company Automation platform .... Welcome to add QQ Exchange 455471484 ..... Learn from each other.

This article from "Qiu Anxiaoqiu" blog, please be sure to keep this source http://heygirl32895.blog.51cto.com/7623150/1626049

Saltstack User Management