From e82695cea6a883aececc26556317458129a42fe5 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sun, 16 Apr 2017 11:58:20 +0300
Subject: [PATCH] - Truely detect the user used for login with Ansible and don't remove it.
---
 tasks/prune.yml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/tasks/prune.yml b/tasks/prune.yml
index 4b8c57e..aa88f5d 100644
--- a/tasks/prune.yml
+++ b/tasks/prune.yml
@@ -4,11 +4,14 @@
 getent:
 database: passwd
 
+- name: Get login user
+ become: False
+ command: whoami
+ register: users_whoami
+
 - name: Prune users
 with_items: '{{ getent_passwd|difference(users_unique_names) }}'
- when: getent_passwd[item][2]|int > 999 and getent_passwd[item][2]|int != 65534
+ when: getent_passwd[item][2]|int > 999 and getent_passwd[item][2]|int != 65534 and item != users_whoami.stdout.strip()
 user:
 name: '{{ item }}'
 state: absent
- register: users_prune_users
- failed_when: users_prune_users|failed and not 'is currently used' in users_prune_users.msg and not 'is currently logged in' in users_prune_users.msg
-- 
GitLab
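Review bot: The new `Get login user` task runs `command: whoami` with no `changed_when` or check-mode override, so it reports a change on every run and is skipped under `--check`, which leaves `users_whoami.stdout` undefined when the `Prune users` condition evaluates it. A dry run is the natural way to preview which accounts this role would delete, so the lookup should stay read-only and always execute: add `changed_when: False` and `check_mode: False` to that task. Separately, with the `failed_when` override removed, any other account that the `user` module refuses to delete because it is still in use will now fail the play; that looks intentional, but it deserves a line in the commit message. The `getent` task at the top of the hunk starts outside it.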