Puppet Class: system_users::lock_empty_password

Defined in:
manifests/lock_empty_password.pp

Summary

Lock all user accounts with empty passwords

Overview

The ‘user_audit` fact contains a list of users with empty passwords, we use this to determine if any accounts need locking

Parameters:

  • lock_method (Any) (defaults to: '*')

    string to insert into password field to lock the account



7
8
9
10
11
12
13
14
 
# File 'manifests/lock_empty_password.pp', line 7

class system_users::lock_empty_password($lock_method = '*') {
  $users_to_lock = dig($facts, 'user_audit', 'empty_password')
  if $users_to_lock {
    user { $users_to_lock:
      password => $lock_method,
    }
  }
}