users Package

users Package

Roles in this namespace are meant to enable user management in Debian distributions.

ssh Module

Roles in this namespace are meant to provide SSH keygen utilities for Debian distributions.

class provy.more.debian.users.ssh.SSHRole(prov, context)[source]

Bases: provy.core.roles.Role

This role provides SSH keygen utilities for Debian distributions.

Example:

from provy.core import Role
from provy.more.debian import SSHRole

class MySampleRole(Role):
    def provision(self):
        with self.using(SSHRole) as role:
            role.ensure_ssh_key(user='someuser', private_key_file="private-key")
ensure_ssh_key(user, private_key_file)[source]

Ensures that the specified private ssh key is present in the remote server. Also creates the public key for this private key.

The private key file must be a template and be accessible to the Role.render method.

Parameters:
  • user (str) – Owner of the keys.
  • private_key_file (str) – Template file for the private key.

Example:

from provy.core import Role
from provy.more.debian import SSHRole

class MySampleRole(Role):
    def provision(self):
        with self.using(SSHRole) as role:
            role.ensure_ssh_key(user='someuser', private_key_file="private-key")

user Module

Roles in this namespace are meant to provide user management operations for Debian distributions.

class provy.more.debian.users.user.UserRole(prov, context)[source]

Bases: provy.core.roles.Role

This role provides many utility methods for user management operations within Debian distributions.

Example:

from provy.core import Role
from provy.more.debian import UserRole

class MySampleRole(Role):
    def provision(self):
        with self.using(UserRole) as role:
            role.ensure_user('myuser', identified_by='mypass', is_admin=True)
ensure_group(group_name, group_id=None)[source]

Ensures that a given user group is present in the remote server.

Parameters:
  • group_name (str) – Name of the group to create.
  • group_id (int) – GID of the group. Defaults to None, which assigns the next available GID.

Example:

from provy.core import Role
from provy.more.debian import UserRole

class MySampleRole(Role):
    def provision(self):
        with self.using(UserRole) as role:
            role.ensure_group('users-group')
ensure_user(username, identified_by=None, home_folder=None, default_script='/bin/bash', groups=[], is_admin=False, password_encrypted=False)[source]

Ensures that a given user is present in the remote server.

Parameters:
  • username (str) – Name of the user.
  • identified_by (str) – Password that the user will use to login to the remote server. If set to None, the user will not have a password.
  • home_folder (str) – Specifies the user’s home folder. Defaults to /home/<username>.
  • default_script (str) – Sets the user’s default script, the one that will execute commands per default when logging in. Defaults to /bin/sh.
  • groups (iterable) – Groups that this user belongs to. If the groups do not exist they are created prior to user creation. Defaults to the name of the user.
  • is_admin (bool) – If set to True the user is added to the ‘admin’ (or ‘sudo’ if provisioning to Ubuntu) user group as well. Defaults to False.
  • password_encrypted (bool) – If set to True password is considered to be in ecrypted form (as found in /etc/shadow). To generate encrypted form of password you may use provy.more.debian.users.passwd_utils.hash_password_function(). defaults to False

Example:

from provy.core import Role
from provy.more.debian import UserRole

class MySampleRole(Role):
    def provision(self):
        with self.using(UserRole) as role:
            role.ensure_user('myuser', identified_by='mypass', is_admin=True)
ensure_user_groups(username, groups=[])[source]
group_exists(group_name)[source]

Returns True if the given group exist, False otherwise.

Parameters:group_name (str) – Name of the group to verify.
Returns:Whether the group exists or not.
Return type:bool

Example:

class MySampleRole(Role):
    def provision(self):
        with self.using(UserRole) as role:
            if role.group_exists('usersgroup'):
                pass
set_user_password(username, password, encrypted=False)[source]

Sets user password.

Parameters:
  • username (str) – Name of user for which to update password
  • password (str) – Password to set
  • encrypted (bool) – If True it meas that password is encrypted, (that is in hashed format), else it means password is in plaintext.
user_exists(username)[source]

Returns True if the given user exist, False otherwise.

Parameters:username (str) – Name of the user to verify.
Returns:Whether the user exists or not.
Return type:bool

Example:

class MySampleRole(Role):
    def provision(self):
        with self.using(UserRole) as role:
            if role.user_exists('myuser'):
                pass
user_in_group(username, group_name)[source]

Returns True if the given user is in the given group, False otherwise.

Parameters:
  • username (str) – Name of the user to verify.
  • group_name (str) – Name of the group to verify.
Returns:

Whether the user pertains to the group or not.

Return type:

bool

Example:

from provy.core import Role
from provy.more.debian import UserRole

class MySampleRole(Role):
    def provision(self):
        with self.using(UserRole) as role:
            if role.user_in_group('myuser', 'mygroup'):
                pass