From b1c40430acc562ff56f453cd427a32a647808909 Mon Sep 17 00:00:00 2001
From: David Galloway <dgallowa@redhat.com>
Date: Tue, 23 Aug 2016 18:56:58 -0400
Subject: [PATCH] users: Leave managed_admin_users' other group memberships
 alone

This change is mainly so the users role can be run on vps_hosts.

Previously, in order to update the ubuntu user's authorized_keys on
vps_hosts, the testnodes role had to be run which caused ubuntu to be
removed from the libvirtd group.

The ubuntu user is in managed_admin_users on vps_hosts so this will
ensure the user is added to sudo and left in the libvirtd group.

managed_users, on the other hand, we want to make sure are only in
groups we specify so the "Create all users without sudo access." task is
left as-is (without append: yes).

Signed-off-by: David Galloway <dgallowa@redhat.com>
---
 roles/users/tasks/create_users.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/users/tasks/create_users.yml b/roles/users/tasks/create_users.yml
index 4b94808..cd4567b 100644
--- a/roles/users/tasks/create_users.yml
+++ b/roles/users/tasks/create_users.yml
@@ -13,6 +13,7 @@
     groups: sudo
     shell: /bin/bash
     state: present
+    append: yes
   with_items: "{{ managed_admin_users }}"
 
 - name: Create all users without sudo access.
-- 
2.39.5