diff --git a/pillar.example b/pillar.example index 14cdc9e..61ad153 100644 --- a/pillar.example +++ b/pillar.example @@ -99,6 +99,7 @@ users: 33333333 44444444 55555555 + uid: 1001 user_files: enabled: True diff --git a/users/init.sls b/users/init.sls index e2af37f..a2270f2 100644 --- a/users/init.sls +++ b/users/init.sls @@ -48,9 +48,11 @@ include: {% for group in user.get('groups', []) %} users_{{ name }}_{{ group }}_group: - group: + group.present: - name: {{ group }} - - present + {% if group == 'sudo' %} + - system: True + {% endif %} {% endfor %} users_{{ name }}_user: @@ -111,7 +113,17 @@ users_{{ name }}_user: - createhome: False {% endif %} {% if 'expire' in user -%} + {% if grains['kernel'].endswith('BSD') and + user['expire'] < 157766400 %} + {# 157762800s since epoch equals 01 Jan 1975 00:00:00 UTC #} + - expire: {{ user['expire'] * 86400 }} + {% elif grains['kernel'] == 'Linux' and + user['expire'] > 84006 %} + {# 2932896 days since epoch equals 9999-12-31 #} + - expire: {{ (user['expire'] / 86400) | int}} + {% else %} - expire: {{ user['expire'] }} + {% endif %} {% endif -%} - remove_groups: {{ user.get('remove_groups', 'False') }} - groups: @@ -183,7 +195,7 @@ users_authorized_keys_{{ name }}: file.managed: - name: {{ home }}/.ssh/authorized_keys - user: {{ name }} - - group: {{ name }} + - group: {{ user_group }} - mode: 600 {% if 'ssh_auth_file' in user %} - contents: | diff --git a/users/sudo.sls b/users/sudo.sls index 2953ad2..092d004 100644 --- a/users/sudo.sls +++ b/users/sudo.sls @@ -6,16 +6,10 @@ users_bash-package: pkg.installed: - name: {{ users.bash_package }} -users_sudo-group: - group.present: - - name: sudo - - system: True - users_sudo-package: pkg.installed: - name: {{ users.sudo_package }} - require: - - group: users_sudo-group - file: {{ users.sudoers_dir }} users_{{ users.sudoers_dir }}: