Ensure that the named user is present with the specified properties
- name
- The name of the user to manage
- uid
- The user id to assign, if left empty then the next available user id
will be assigned
- gid
- The default group id. Also accepts group name.
- gid_from_name
- If True, the default group id will be set to the id of the group with
the same name as the user, Default is
False
.
- groups
- A list of groups to assign the user to, pass a list object. If a group
specified here does not exist on the minion, the state will fail.
If set to the empty list, the user will be removed from all groups
except the default group.
- optional_groups
- A list of groups to assign the user to, pass a list object. If a group
specified here does not exist on the minion, the state will silently
ignore it.
NOTE: If the same group is specified in both "groups" and
"optional_groups", then it will be assumed to be required and not optional.
- remove_groups
- Remove groups that the user is a member of that weren't specified in
the state, Default is
True
.
- home
- The custom login directory of user. Uses default value of underlying
system if not set. Notice that this directory does not have to exists.
This also the location of the home directory to create if createhome is
set to True.
- createhome
- If False, the home directory will not be created if it doesn't exist.
Please note that directories leading up to the home directory
will NOT be created, Default is
True
.
- password
- A password hash to set for the user. This field is only supported on
Linux, FreeBSD, NetBSD, OpenBSD, and Solaris.
Changed in version 0.16.0: BSD support added.
- enforce_password
- Set to False to keep the password from being changed if it has already
been set and the password hash differs from what is specified in the
"password" field. This option will be ignored if "password" is not
specified, Default is
True
.
- empty_password
- Set to True to enable password-less login for user, Default is
False
.
- shell
- The login shell, defaults to the system default shell
- unique
- Require a unique UID, Default is
True
.
- system
- Choose UID in the range of FIRST_SYSTEM_UID and LAST_SYSTEM_UID, Default is
False
.
- loginclass
- The login class, defaults to empty
(BSD only)
User comment field (GECOS) support (currently Linux, BSD, and MacOS
only):
The below values should be specified as strings to avoid ambiguities when
the values are loaded. (Especially the phone and room number fields which
are likely to contain numeric data)
- fullname
- The user's full name
- roomnumber
- The user's room number (not supported in MacOS)
- workphone
- The user's work phone number (not supported in MacOS)
- homephone
- The user's home phone number (not supported in MacOS)
Changed in version 2014.7.0: Shadow attribute support added.
Shadow attributes support (currently Linux only):
The below values should be specified as integers.
- date
- Date of last change of password, represented in days since epoch
(January 1, 1970).
- mindays
- The minimum number of days between password changes.
- maxdays
- The maximum number of days between password changes.
- inactdays
- The number of days after a password expires before an account is
locked.
- warndays
- Number of days prior to maxdays to warn users.
- expire
- Date that account expires, represented in days since epoch (January 1,
1970).