The recent Test team came a big wave, the most company test that must have a QA environment, Test team boss and I have a good relationship, they group many people to Linux also know very well, usually get a thing what can also do their own, Ruanmoyingpao plus recently really busy to them to configure the Jenkins and opened the QA Environment user rights, Let's say saltstack user management.
Simply a small example, recorded. For the user management module of the various functions and parameters can see the official website or source code.
Demand is such a 4 different users, unified password, home directory What's casual, this for salt, simply TM too simple
We used the pillar.
[email protected]/srv/pillar# cat user/user.slsusers:-Username:bianji bash:/bin/bash uid:1024 password: ' $ 1$ukfpoat9$j7t83r38iwranyaz/yo1t1 '-username:zhaochunyu bash:/bin/bash uid:1025 password: ' $1$ukfpoat9$j7t83 R38iwranyaz/yo1t1 '
Very simply, I defined the username UID as well as bash and password. Note that this password is hash after, MD official online write set hash What I remember, thought to use Python hashlib generated cipher string. The result is two ... This password is using OpenSSL encryption.
The generated method:
OpenSSL passwd-l
Then let you output two times the password will generate an encryption string, we paste into the inside, and then refresh the pillar data, see the state file of the wording
{% for eachuser in pillar[' users ']%} {{Eachuser.username}}: User.present:-Name: {{eachuser.username}}-uid: {{eachuser.uid}}-bash: {{each User.bash}}-Password: {{Eachuser.password}}{% endfor%}
We all know pillar is a data structure is a dict
pillar[' users ' you know.
Create the user we use the present function of the user module, this is states under the AH! It's useradd.py under the modules.
Look at the supported parameters.
153 def present (name,154 uid=none,155 gid=none,156 gid_from_name=False,157 groups=None,158 optional_groups=None,159 remove_groups=True,160 home=None,161 createhome=True,162 password=None,163 enforce_password=true,164 empty_password=false,165 shell=None,166 unique=True,167 system=False,168 fullname=None,169 roomnumber=None,170 Workphone=none,171 homephone=none ,172 date=none,173 mindays=None,174 maxdays=None,175 inactdays=None,176 Warndays=none,177 expire=none) :178 ""
According to the requirements to write to the states file, I here the need is relatively simple, so naturally did not write so many pull. The for if endif endfor in the file is Python's Jinja syntax, and I don't know much about it.
OK, let's see the results.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/5B/EB/wKioL1UWwtOitvxOAAJrxoR7ENM906.jpg "title=" 333. PNG "alt=" wkiol1uwwtoitvxoaajrxor7enm906.jpg "/> I like Saltstack recently also in the use of SALT-API and flask to complete the company Automation platform .... Welcome to add QQ Exchange 455471484 ..... Learn from each other.
This article from "Qiu Anxiaoqiu" blog, please be sure to keep this source http://heygirl32895.blog.51cto.com/7623150/1626049
Saltstack User Management