From 9f71b2eebe33ce602f29b86830a62568e6386624 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sun, 16 Apr 2017 18:49:28 +0300
Subject: [PATCH] - Better handling of not removing the nobody user.

---
 tasks/prune.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/tasks/prune.yml b/tasks/prune.yml
index 56e4e7f..1c9f804 100644
--- a/tasks/prune.yml
+++ b/tasks/prune.yml
@@ -10,9 +10,13 @@
   command: whoami
   register: users_whoami
 
+- name: Get the nobody uid
+  command: id -u nobody
+  register: users_nobody_uid
+
 - name: Prune users
-  with_items: '{{ getent_passwd|difference(users_unique_names) }}'
-  when: getent_passwd[item][2]|int > 999 and getent_passwd[item][2]|int != 65534 and item != users_whoami.stdout.strip()
+  with_items: '{{ getent_passwd|difference(users_unique_names)|difference(["nobody", users_whoami.stdout.strip()]) }}'
+  when: getent_passwd[item][2]|int > 999 and getent_passwd[item][2] != users_nobody_uid.stdout.strip() # Actual, non-system users.
   user:
       name: '{{ item }}'
       state: absent
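Review bot: The `when:` guard on the Prune users task reads `getent_passwd[item][2]`, and in the list Ansible's getent module stores per account (name split off as the key, then password, uid, gid, …) index 2 appears to be the gid rather than the uid, so both the `> 999` test and the comparison with `id -u nobody` would run against the primary group id. Because this condition decides which accounts get deleted, it is worth confirming against the module's output and, if so, using `getent_passwd[item][1]` in both places. The new `Get the nobody uid` task is a read-only lookup, so it should carry `changed_when: false` to stop it reporting a change on every run. As a `command` task it is also skipped in check mode, which leaves `users_nobody_uid.stdout` undefined for the `when:` below unless the task gets `check_mode: false`; the same seems to apply to the `whoami` task, which starts above the hunk.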
-- 
GitLab