How can I add a user to additional groups with Ansible? For example, I would like to add a user to the sudo group without replacing the user's existing set of groups.
Asked
Active
Viewed 1.6e+01k times
104
user2514157
- 103
vdboor
- 3,940
3 Answers
151
If {{ user }} already exists in the system, you should use the following to just add it to a group:
- name: adding existing user '{{ user }}' to group sudo
user:
name: '{{ user }}'
groups: sudo
append: yes
To add it to a set of groups, you can use a comma separated list, for example groups: admin,sudo.
Just beware that if you omit append: yes, your user will be removed from all other groups, according to the usermod man page. That would useful if you want to use a specific list of groups a user should belong to.
admirabilis
- 1,735
76
According to the User module you can use this:
- name: Adding user {{ user }}
user: name={{ user }}
group={{ user }}
shell=/bin/bash
password=${password}
groups=sudo
append=yes
You can just add the groups=groupname and append=yes to add them to an existing user when you're creating them
25
Please note that {{ user }} was changed to {{ ansible_user }} in recent Ansible versions (https://github.com/ansible/ansible/blob/c600ab81ee/lib/ansible/playbook/play_context.py#L46-L55). Alternatively, you can also use ansible_ssh_user - it's the same. So, the updated code from admirabilis looks like:
- name: adding existing user "{{ ansible_user }}" to group sudo
user:
name: "{{ ansible_user }}"
groups: sudo
append: yes
become: yes
More fixes:
- Use double quotes so the variable expands
- Add
become: yessince it needs administrative privileges to change the groups file
tinlyx
- 129
- 1
- 8
