Skip to content

Commit 1d48b0d

Browse files
author
Sebastian Gumprich
committed
change shadow owner in debian systems
1 parent 987a333 commit 1d48b0d

File tree

4 files changed

+24
-8
lines changed

4 files changed

+24
-8
lines changed

defaults/main.yml

Lines changed: 0 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -18,14 +18,6 @@ os_auth_sys_uid_max: 999
1818
os_auth_sys_gid_min: 100
1919
os_auth_sys_gid_max: 999
2020

21-
# Different distros use different standards for /etc/shadow perms, e.g.
22-
# RHEL derivatives use root:root 0600, whereas Debian-based use root:shadow 0640.
23-
# You must provide key/value pairs for owner, group, and mode if overriding.
24-
os_shadow_perms:
25-
owner: root
26-
group: root
27-
mode: "0600"
28-
2921
os_chfn_restrict: ''
3022
# may contain: change_user
3123
os_security_users_allow: []

vars/Debian.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,3 +4,11 @@ os_packages_pam_cracklib: 'libpam-cracklib'
44
passwdqc_path: '/usr/share/pam-configs/passwdqc'
55
tally2_path: '/usr/share/pam-configs/tally2'
66
os_nologin_shell_path: '/usr/sbin/nologin'
7+
8+
# Different distros use different standards for /etc/shadow perms, e.g.
9+
# RHEL derivatives use root:root 0600, whereas Debian-based use root:shadow 0640.
10+
# You must provide key/value pairs for owner, group, and mode if overriding.
11+
os_shadow_perms:
12+
owner: root
13+
group: shadow
14+
mode: "0640"

vars/Oracle Linux.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,3 +2,11 @@ os_packages_pam_ccreds: 'pam_ccreds'
22
os_packages_pam_passwdqc: 'pam_passwdqc'
33
os_packages_pam_cracklib: 'pam_cracklib'
44
os_nologin_shell_path: '/sbin/nologin'
5+
6+
# Different distros use different standards for /etc/shadow perms, e.g.
7+
# RHEL derivatives use root:root 0600, whereas Debian-based use root:shadow 0640.
8+
# You must provide key/value pairs for owner, group, and mode if overriding.
9+
os_shadow_perms:
10+
owner: root
11+
group: root
12+
mode: "0600"

vars/RedHat.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,3 +2,11 @@ os_packages_pam_ccreds: 'pam_ccreds'
22
os_packages_pam_passwdqc: 'pam_passwdqc'
33
os_packages_pam_cracklib: 'pam_cracklib'
44
os_nologin_shell_path: '/sbin/nologin'
5+
6+
# Different distros use different standards for /etc/shadow perms, e.g.
7+
# RHEL derivatives use root:root 0600, whereas Debian-based use root:shadow 0640.
8+
# You must provide key/value pairs for owner, group, and mode if overriding.
9+
os_shadow_perms:
10+
owner: root
11+
group: root
12+
mode: "0600"

0 commit comments

Comments
 (0)