Disable creation of root user

[apiening]

I have the root user in my users: variable and weareinteractive.users fails for obvious reasons:

weareinteractive.users : Adding user 'root' to the system
usermod: user root is currently used by process 1

Is there an option to disable the creation of a specific user?

[franklinkim]

Hi, I added a check so that the root user is being ignored.

[j8r]

That's not a great fix, because it also ignore configuring the root home directory.
I would say having a new options, like a user_create boolean in a when for the task https://github.com/weareinteractive/ansible-users/blob/master/tasks/manage_user.yml#L3

Also, if you don't want to manage the root user at all: do not list it in the first place in users?

[apiening]

Hi @j8r,

I agree that this is not an optimal solution.

Not listing the root user in the users list is not an option, when this list does also feed other playbooks.

I submitted a PR that enables to choose whether the user and / or home should be created on a per user basis: #47

In the discussion of the PR I also provided a use case where another role references the users variable to setup additional things.

[j8r]

Agree @apiening , your PR is exactly what I would done.
@franklinkim can you reconsider it? This can also happen to other users, like admin on Debian/Ubuntu.

That's indeed a not uncommon practice to modify the root dotfiles, like the .bashrc, aliases etc, for example to have a`red warning prompt in production, or providing useful aliases/commands.

[zen]

I agree with above, I'm also managing some of the root dotfiles for the same reason.
Since other user roles are not maintained, you are our only hope @franklinkim :)

[franklinkim]

Since this seems to be a wanted feature, let's take another look.

[franklinkim]

Would 038d8c0 work for you all?

You would need to define some variables for the root user though in order to work:

- hosts: all
  become: yes
  roles:
    - weareinteractive.users
  vars:
    users:
      - username: root
        # don't create the user
        user_create: no
        # define root's home directory
        home: /root
        # override group in case you used users_group
        group: root

[j8r]

@franklinkim Yes, but to make it works it also means to revert 55d3c48
I suggest to reopen #47.

There are other options, but this one is the simplest and most flexible implementation (e.g. one may want to change the root's password or SSH keys.)

[franklinkim]

@j8r picked the wrong commit hash. Take a look at the diff.

[apiening]

@franklinkim Thank you very much for reconsidering this.
This diff looks pretty much like my PR #47 so it looks good to me.

[j8r]

Ok for me too, thanks @franklinkim, that's a great little change 👍