Detect and remove any user accounts that are not explicitly configured

caktus / tequila-common

Ansible role for setting up users, keys, directories, and a firewall for a Django server

BSD 3-Clause "New" or "Revised" License

1 stars 1 forks source link

Detect and remove any user accounts that are not explicitly configured #8

Closed jbradberry closed 6 years ago

jbradberry commented 6 years ago

These are accounts that have a directory under /home, are listed in /etc/passwd, and are not configured in either of users or unmanaged_users.

The new unmanaged_users variable does not create the accounts listed, merely prevents them from being purged, to be used for special case or legacy accounts that should not be removed.

TEQ-27 and SEC-87

fixes #7