Tech Chorus

Creating Administrative Linux User Accounts: gavika.administrators

written by Sudheer Satyanarayana on 2019-06-10

We are pleased to announce gavika.administrators.

The Ansible role provides a declarative method to create Linux user accounts with administrative privileges. In other words, the these users have sudo access without password and are empowered to run all commands on the system.

You might be wondering, why you would need a role when you can write a couple tasks yourselves in an Ansible playbook. The reason is, Do Not Repeat Yourself(DRY ). Instead of writing such playbook tasks over and over, use the abstraction provided by the role. You just have to write some YAML declaration and be done with it. Moreover, the maintenance is outsourced to an Apache licensed open source software. The role has Molecule tests to boost your confidence.

Here's an example:

  - hosts: servers  
    vars:
      - administrators_names: ['admin01', 'admin02']
      - administrators_keys:
          - username: admin01
            key: /path/to/id_rsa_pub_admin01
    roles:
       - role: gavika.administrators

This playbook will create the users admin01 and admin02. After creating the users, sudoers configuraion is added to empower these users to run any command with sudo and without password. In addition the public key from the file /path/to/id_rsa_pub_admin01 is added to autorized_keys file of admin01 .