- name: Set password length
shell: authconfig --passminle=8 --update
设置密码同一字符允许的最大长度
- name: Sets the maximum length allowed for the same character of the password
shell: authconfig --passmaxclassrepeat=4 --update
使密码中包含小写字母
- name: Include lowercase letters in your password
shell: authconfig --enablereqlower --update
使密码中包含大写字母
- name: Make the password contain capital letters
shell: authconfig --enablerequpper --update
使密码中包含数字
- name: To include in the password
shell: authconfig --enablereqdigit --update
使密码中包含特殊字符
- name: Causes the password to contain special characters
shell: authconfig --enablereqother --update
新密码与旧密码相同的字数不能超过6个
- name: The new password can't have more than six words as the old password
linfile:
path: /etc/security/pwquality.conf
regexp: '^difok'
line: 'difok = 6'
修改密码不能使用上次密码
- name: You cannot use your last password if you change it
linefile:
path: /etc/pam.d/system-auth-ac
regexp: '^password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok'
line: 'password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok remember=1'
- name: Setting up a common user Su
linefile:
path: /etc/pam.d/su
regexp: '^#auth required pam_wheel.so use_uid'
line: 'auth required pam_wheel.so use_uid'
开启wheel组的免密sudo
- name: Set wheel group users free of sudo
linefile:
path: /etc/sudoers
state: present
regexp: '^%wheel'
line: '%wheel ALL=(ALL) NOPASSWD: ALL'
- name: Add the user 'sauser' with a specific uid and a primary group of 'wheel'
user:
name: sauser
password: '$6$cYbg7R6j$Q4uARdTl8m9MCx5RtR64xb7yPgZDGqtTsuwU8vYsAY/XloFwnLr8ezTf5eYCmzwm7Tv32PgbtDcFh0KHMZzmh1'
uid: 2048
groups: wheel
shell: /bin/bash
createhome: yes
home: /home/sauser
state: present