bashshellubuntuansible

Creating a new user and password with Ansible


I have an ansible task which creates a new user on ubuntu 12.04;

- name: Add deployment user
    action: user name=deployer password=mypassword

it completes as expected but when I login as that user and try to sudo with the password I set it always says it's incorrect. What am I doing wrong?


Solution

  • If you read Ansible's manual for user module, it'll direct you to the Ansible-examples github repo for details how to use password parameter.

    There you'll see that your password must be hashed.

    - hosts: all
      user: root
      vars:
        # created with:
        # python -c 'import crypt; print crypt.crypt("This is my Password", "$1$SomeSalt$")'
        password: $1$SomeSalt$UqddPX3r4kH3UL5jq5/ZI.
    
      tasks:
        - user: name=tset password={{password}}
    

    If your playbook or ansible command line has your password as-is in plain text, this means your password hash recorded in your shadow file is wrong. That means when you try to authenticate with your password its hash will never match.

    Additionally, see Ansible FAQ regarding some nuances of password parameter and how to correctly use it.