RedHat Exam EX294 Topic 7 Question 23 Discussion

Actual exam question for RedHat's EX294 exam

Question #: 23
Topic #: 7

[All EX294 Questions]

Create user accounts

------------------------

--> A list of users to be created can be found in the file called user_list.yml

which you should download from http://classroom.example.com/user_list.yml and

save to /home/admin/ansible/

--> Using the password vault created elsewhere in this exam, create a playbook called

create_user.yml

that creates user accounts as follows:

--> Users with a job description of developer should be:

--> created on managed nodes in the "dev" and "test" host groups assigned the

password from the "dev_pass"

variable and these user should be member of supplementary group "devops".

--> Users with a job description of manager should be:

--> created on managed nodes in the "prod" host group assigned the password from

the "mgr_pass" variable

and these user should be member of supplementary group "opsmgr"

--> Passwords should use the "SHA512" hash format. Your playbook should work using

the vault password file

created elsewhere in this exam.

while practising you to create these file hear. But in exam have to download as per

questation.

user_list.yml file consist:

---

user:

- name: user1

job: developer

- name: user2

job: manager

AExplanation:
Solution as:
# pwd
/home/admin/ansible
# wget http://classroom.example.com/user_list.yml
# cat user_list.yml
# vim create_user.yml
---
- name:
hosts: all
vars_files:
- ./user_list.yml
- ./vault.yml
tasks:
- name: creating groups
group:
name: '{{ item }}'
state: present
loop:
- devops
- opsmgr
- name: creating user
user:
name: '{{ item.name }}'
state: present
groups: devops
password: '{{ dev_pass|password_hash ('sha512') }}'
loop: '{{ user }}'
when: (inventory_hostname in groups['dev'] or inventory_hostname in
groups['test']) and item.job == 'developer'
- name: creating user
user:
name: '{{ item.name }}'
state: present
groups: opsmgr
password: '{{ mgr_pass|password_hash ('sha512') }}'
loop: '{{ user }}'
when: inventory_hostname in groups['prod'] and item.job == 'manager'
:wq!
# ansible-playbook create_user.yml ---vault-password-file=password.txt ---syntax-check
# ansible-playbook create_user.yml ---vault-password-file=password.txt

Show Suggested Answer

Suggested Answer: A

by Penney at Feb 27, 2023, 06:48 PM

Limited Time Offer

25%

Off

Get Premium EX294 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Vincent

10 days ago

Alright, folks, let's keep it professional. No password cracking allowed, even if it's just for funsies. Let's focus on getting those user accounts created correctly.

upvoted 0 times

...

Chaya

12 days ago

Ooh, managed nodes in different host groups, that's a nice touch. Gotta make sure the playbook is targeting the right hosts for each user type. Time to start coding!

upvoted 0 times

...

Karan

13 days ago

Haha, 'SHA512' password hashing? I guess they really want to make sure those passwords are secure. Wonder if anyone's gonna try to crack the vault password just for fun.

upvoted 0 times

Rasheeda

2 days ago

Yeah, SHA512 is pretty secure. I wouldn't want to mess with that.

upvoted 0 times

...

Kimbery

22 days ago

Alright, let's see if I've got this straight. We need to download a YAML file, create a playbook that uses a password vault, and handle group membership for different types of users. Sounds like a good challenge!

upvoted 0 times

...

Jeannetta

23 days ago

Wow, this question covers a lot of ground! Creating user accounts with different permissions based on job descriptions, and using a password vault - that's some serious DevOps-y stuff.

upvoted 0 times