From a295a887a71f2cfd1dfd4136b591bb69fd94b9de Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Wed, 14 Oct 2020 21:16:53 -0400
Subject: [PATCH] Update local_vars_big.yml

---
 vars/local_vars_big.yml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml
index 5b7eb39e7..e79400196 100644
--- a/vars/local_vars_big.yml
+++ b/vars/local_vars_big.yml
@@ -22,18 +22,18 @@ language_priority: en es fr
 # Real-time clock: set RTC chip family here.  Future auto-detection plausible?
 # rtc_id: ds3231
 
-# Please read more about the 'iiab-admin' Linux user and group, which allow
-# you to log in to IIAB's Admin Console (http://box.lan/admin):
+# Please read more about the 'iiab-admin' Linux user, for login to IIAB's
+# Admin Console (http://box.lan/admin) AND to help you at the command-line:
 # https://github.com/iiab/iiab/tree/master/roles/iiab-admin
 # https://github.com/iiab/iiab-admin-console/blob/master/Authentication.md
+#
+iiab_admin_user: iiab-admin    # Some prefer to reuse 'pi' or 'ubuntu' etc.
 # Set iiab_admin_user_install: False if you don't want iiab_admin_user auto-
-# created e.g. by IIAB's 1-line installer and roles/iiab-admin/tasks/main.yml
+# configured e.g. by IIAB's 1-line installer & roles/iiab-admin/tasks/main.yml
 iiab_admin_user_install: True
-# If iiab_admin_user_install: False, set iiab_admin_user to an existing Linux
-# user that's a member of group sudo (or group below?) for Admin Console login:
-iiab_admin_user: iiab-admin
-iiab_admin_user_group: iiab-admin    # 2020-10-13: Coming Soon?
-# Password hash to be used if Ansible creates the above user:
+iiab_admin_can_sudo: True    # For /usr/bin/iiab-* support commands.  Optional.
+
+# DEPRECATED - Password hash to override above, if Ansible creates above user:
 iiab_admin_pwd_hash: $6$xsce51$D.IrrEeLBYIuJkGDmi27pZUGOwPFp98qpl3hxMwWV4hXigFGmdSvy3s/j7tn6OnyTTLmlV7SsN0lCUAFzxSop.
 # Obtain a password hash - NEW MORE SECURE WAY:
 #    python3 -c 'import crypt; print(crypt.crypt("<plaintext>", crypt.mksalt(crypt.METHOD_SHA512)))'