From 2b45211ac0d9ca68c663d05a0ddd58b0dfed920e Mon Sep 17 00:00:00 2001
From: Alex Tavarez
Date: Fri, 5 Sep 2025 12:30:01 -0400
Subject: [PATCH] Removed import of task meant to be done via non-root user with privilege escalation
---
 .ansible/roles/lockdown/tasks/main.yml | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/.ansible/roles/lockdown/tasks/main.yml b/.ansible/roles/lockdown/tasks/main.yml
index 614d2d1..1d9d83c 100644
--- a/.ansible/roles/lockdown/tasks/main.yml
+++ b/.ansible/roles/lockdown/tasks/main.yml
@@ -44,7 +44,7 @@
 loop: "{{ create_users[1:] }}"
 tags:
 - other_users
- register: created_user
+ register: created_users
 - name: Specify authorized SSH keys for users based on local public keys
 when: not files_mode and ansible_facts["user_id"] == "root"
 block:
@@ -87,7 +87,7 @@
 tags:
 - other_users
 - others_ssh
- loop: "{{ created_user }}"
+ loop: "{{ created_users.results }}"
 register: authorized_ssh_pubkeys
 - name: Specify authorized SSH keys for users
 when: files_mode and ansible_facts["user_id"] == "root"
@@ -118,7 +118,7 @@
 tags:
 - other_users
 - others_ssh
- loop: "{{ created_user }}"
+ loop: "{{ created_users.results }}"
 register: authorized_ssh_pubkeys
 - name: Lock down root SSH access
 when: ansible_facts["user_id"] == "root"
@@ -154,7 +154,4 @@
 tags:
 - default
 - deroot
- notify: "restart ssh"
-- name: Import disabling of shell root by sys-admin user
- ansible.builtin.import_tasks:
- file: ./deshell.yml
\ No newline at end of file
+ notify: "restart ssh"
\ No newline at end of file
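Review bot: Looping over `created_users.results` in the hunk at -87 (and again at -118) also visits the entries for any user whose creation was skipped, and a skipped entry does not carry the module's return fields. The key-installation task body starts outside the hunk, so which fields it reads from `item` is not visible here. If it reads anything beyond `item.item`, a guard such as `when: item is not skipped` on both tasks would stop SSH keys from being processed for accounts that were never created.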
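Review bot: The task in the hunk at -118 registers `authorized_ssh_pubkeys`, the same name the task in the hunk at -87 registers, and the two enclosing blocks appear to be gated on opposite values of `files_mode`. Ansible still registers the variable for a skipped task, so when `files_mode` is false this later task would replace the real results with skipped entries. Registering under distinct names, for example `register: authorized_ssh_pubkeys_files` here, avoids that if anything later reads the variable. The consumers, if any, are outside the visible hunks.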
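Review bot: With the `deshell.yml` import gone from the end of `main.yml` (hunk at -154), nothing in this file records that disabling the root shell is still an expected part of the lockdown. A run of this role alone therefore leaves that hardening step unapplied, with no hint to the operator. A closing comment such as `# Root shell is disabled separately by deshell.yml, run as the sys-admin user with become` would document the dependency; where that task is now invoked is not visible in this patch. The file also still ends without a trailing newline after `notify: "restart ssh"`.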