0

I have a Linux user with various folders and files in their home:

User: foo
/home/foo/somefolder

I want to rename this user and move their home directory to end up with:

User: bar
/home/bar/somefolder

I would do this by hand with

```bash
sudo usermod --login new_username old_username
```

Followed by

```bash
sudo usermod --home /home/new_username --move-home new_username
```

Can I create an Ansible role to do this for me?

In Ansible's user module I can find:

home        Optionally set the user's home directory.
move_home   If set to yes when used with home=, attempt to move the user's old home directory to the specified directory if it isn't there already and the old home exists.

This sounds like a modify is intended, but how do I specify the rename itself?

Worp
  • The move_home is intended for use when changing the location of an existing user. Renaming a user is not something that occurs often so no module exists for that; best just to do that via the shell module. – wurtel May 06 '19 at 12:19
  • The best and easiest way would be to create a new user, sync files if any are needed, and delete/disable the old user. The reason for not recommending renaming the user is complexity. – asktyagi May 07 '19 at 05:18

1 Answer

1

I came up with a quick Ansible playbook when I had to rename a user on a few systems myself. The playbook does the following:

  1. Adds an SSH key to the root user (as the old user)
  2. Modifies the sshd so that root can log in (as the old user)
  3. Kills all running processes by the user (as root)
  4. Moves the home directory (as root)
  5. Renames the user (as root)
  6. Restores the old sshd config (as root)

There are three variables to set, one for the old username, one for the new username and one for the ssh key to add to root.

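```yaml
---
- name: "Rename user"
  hosts: all
  become: true
  gather_facts: no
  # Errors are ignored play-wide, so check the run output: a failed
  # "Restore sshd config" task leaves the PermitRootLogin change in place.
  ignore_errors: true
  vars:
    ssh_key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_ed25519.pub') }}"
    old_username: john
    new_username: johnny

  handlers:
    - name: restart sshd
      service:
        name: ssh  # Debian/Ubuntu service name; on RHEL-family hosts it is sshd
        state: restarted

  tasks:
    # Connect as the old user (with become) to prepare key-based root access.
    - name: Install ssh key for root access
      authorized_key:
        user: root
        key: "{{ ssh_key }}"
        state: present
      remote_user: "{{ old_username }}"

    # backup: yes keeps a copy of the original file; its path is registered
    # in sshd_config.backup and used by the restore task below.
    - name: Make sure root can ssh in
      lineinfile:
        dest: /etc/ssh/sshd_config
        backup: yes
        regexp: "^PermitRootLogin"
        line: "PermitRootLogin prohibit-password"
        state: present
      remote_user: "{{ old_username }}"
      register: sshd_config
      notify: restart sshd

    # Handlers normally run at the end of the play; flush here so sshd is
    # restarted before the following tasks connect as root.
    - meta: flush_handlers

    # usermod refuses to change a user that still has running processes.
    - name: Kill processes by user
      shell: "pkill -u {{ old_username }}"
      remote_user: root
      ignore_errors: true

    # Updates the home field in /etc/passwd and moves the directory.
    - name: Move home directory
      user:
        name: "{{ old_username }}"
        home: "/home/{{ new_username }}"
        move_home: yes
      remote_user: root

    # Changes only the login name.
    - name: Rename user
      command: "usermod --login {{ new_username }} {{ old_username }}"
      remote_user: root
      ignore_errors: true

    # A backup exists only if lineinfile actually changed the file.
    - name: Restore sshd config
      copy:
        remote_src: yes
        src: "{{ sshd_config.backup }}"
        dest: /etc/ssh/sshd_config
      remote_user: root
      when: sshd_config is changed
      notify: restart sshd
```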

gardar
  • Looks promising! Can't test it right now but something I noticed: Does the "rename user" task change the user's home folder in /etc/passwd as well? I'm referring to this line in /etc/passwd: `MyUser:x:1003:1003::/home/MyUser:/bin/bash`. `/home/myUser` would need to be changed from `/home/oldusername` to `/home/newusername`. Unless the rename task takes care of that implicitly? – Worp Mar 18 '20 at 11:26
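
A post-rename check for the two things this thread leaves open after a run: the home field in `/etc/passwd` (`usermod --login` changes only the login name, so the home must be moved separately) and the `PermitRootLogin` setting that the playbook changes temporarily. This is an added example, not part of the original answer; `audit_rename`, `make_sample` and the default expected value `no` are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original answer): post-rename audit.
# File paths are parameters; on a real host pass /etc/passwd and /etc/ssh/sshd_config.

# audit_rename OLD NEW PASSWD_FILE SSHD_CONFIG [EXPECTED_PERMITROOTLOGIN]
# Prints one finding per line and returns the number of findings (0 = clean).
# EXPECTED_PERMITROOTLOGIN defaults to "no" (assumed pre-rename setting).
audit_rename() {
    local old="$1" new="$2" passwd="$3" sshd="$4" want="${5:-no}"
    local n=0 home root_login

    # Field 1 is the login name; the old one must be gone.
    if awk -F: -v u="$old" '$1 == u { f = 1 } END { exit !f }' "$passwd"; then
        echo "old login '$old' still present"; n=$((n + 1))
    fi

    # Field 6 is the home directory; it must follow the new name.
    home=$(awk -F: -v u="$new" '$1 == u { print $6 }' "$passwd")
    if [ -z "$home" ]; then
        echo "new login '$new' missing"; n=$((n + 1))
    elif [ "$home" != "/home/$new" ]; then
        echo "home is '$home', expected '/home/$new'"; n=$((n + 1))
    fi

    # sshd uses the first occurrence of a keyword; commented lines are skipped
    # because their first field starts with '#'. Match blocks are not evaluated.
    root_login=$(awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$sshd")
    if [ "${root_login:-unset}" != "$want" ]; then
        echo "PermitRootLogin is '${root_login:-unset}', expected '$want'"; n=$((n + 1))
    fi
    return "$n"
}

# Constructed sample: login renamed, home not moved, root login left enabled.
make_sample() {
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'bar:x:1003:1003::/home/foo:/bin/bash' > "$1/passwd"
    printf '%s\n' '#PermitRootLogin yes' \
        'PermitRootLogin prohibit-password' > "$1/sshd_config"
}
```

Pass the value `PermitRootLogin` had before the run as the fifth argument when it was not `no`.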