I am running a ansible-playbook template from another user, which has a task to create a new user:-
---
- name: Create the application user
user: name={{ gunicorn_user }} state=present
- name: Create the application group
group: name={{ gunicorn_group }} system=yes state=present
- name: Add the application user to the application group
user: name={{ gunicorn_user }} group={{ gunicorn_group }} state=present
Here there is no password set for this user. The new user is created in system after running the playbook. But when I try to login using the newly created user, it is asking for password?
basically, rather than logging in using the new account, my intention is to understand how/why is it asking for a password? since I did not specify a password while creating user.
I checked in /etc/passwd :-
it shows youtubeadl:x:1003:999::/home/youtubeadl:
youtubeadl
is the new user created
If you leave out the password
parameter for the user
task, Ansible will create the used in a "locked" state, meaning the user has no password. She will not be able to login with a password, use a password for sudo commands or change her password.
But since you did not provide an alternative method of login authentication (e.g. an SSH key with an additional authorized_key
task), you will still be asked for a password.
Background Info:
You can have a look at the password state youself, by looking at /etc/shadow
(which stores the password info), not /etc/passwd
(which, despite the name, stores only user account info). See https://serverfault.com/a/116511/39608 for a history of those two files.
The entry will probably look like this:
youtubeadl:!:0:0:99999:7:::
The !
in the 2nd field means the password is locked. If you issue the command
passwd -d youtubeadl
You will set the password to empty and the password state to "expired". The entry will then look like this:
youtubeadl::0:0:99999:7:::
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With