34 lines
968 B
YAML
34 lines
968 B
YAML
---
|
|
- name: Disable shell session root login
|
|
user:
|
|
name: "{{ item.username }}"
|
|
shell: /sbin/nologin
|
|
loop: "{{ roots }}"
|
|
register: root_deshelled
|
|
when: nonlogin_method == 'deshell'
|
|
tags: ['default', 'root_deshelling']
|
|
- name: Lock the root account
|
|
user:
|
|
name: "{{ item.username }}"
|
|
password_lock: yes
|
|
loop: "{{ roots }}"
|
|
register: root_locked
|
|
when: nonlogin_method == 'lock' or nonlogin_method == 'all'
|
|
tags: ['default', 'root_locking']
|
|
- name: Disable root account password
|
|
user:
|
|
name: "{{ item.username }}"
|
|
password: "*"
|
|
loop: "{{ roots }}"
|
|
register: root_closed
|
|
when: nonlogin_method == 'close'
|
|
tags: ['default', 'root_closing']
|
|
- name: Disable root account password and shell login
|
|
user:
|
|
name: "{{ item.username }}"
|
|
password: "*"
|
|
shell: /sbin/nologin
|
|
loop: "{{ roots }}"
|
|
register: root_delogged
|
|
when: nonlogin_method == 'delog' or nonlogin_method == 'all'
|
|
tags: ['default', 'root_locking'] |