in cmd/core_plugin/metadatasshkey/metadatasshkey_linux.go [56:87]
func defaultDeprovisionUnusedUsers(ctx context.Context, config *cfg.Sections, activeUsers userKeyMap) []error {
googleUsers, err := listGoogleUsers(ctx)
if err != nil {
return []error{fmt.Errorf("could not determine which users are unused, failed to list google users: %w", err)}
}
var errs []error
for _, guser := range googleUsers {
if _, ok := activeUsers[guser]; ok || guser == "" {
continue
}
guserAccount, err := accounts.FindUser(ctx, guser)
if err != nil {
errs = append(errs, fmt.Errorf("not deprovisioning unused user %q, could not find local account: %w", guser, err))
continue
}
if config.Accounts.DeprovisionRemove {
if err := accounts.DelUser(ctx, guserAccount); err != nil {
errs = append(errs, fmt.Errorf("error removing user account %s from system: %w", guser, err))
}
continue
}
if err := updateSSHKeys(ctx, guserAccount, nil); err != nil {
errs = append(errs, fmt.Errorf("failed to remove user %s's ssh keys: %w", guser, err))
continue
}
if err := accounts.RemoveUserFromGroup(ctx, guserAccount, supplementalGroups[googleSudoersGroup]); err != nil {
errs = append(errs, fmt.Errorf("failed to remove user %s from %s: %w", guser, googleSudoersGroup, err))
continue
}
}
return errs
}