diff options
author | Lars Engels <larsengels@users.noreply.github.com> | 2016-09-20 16:42:27 +0200 |
---|---|---|
committer | Brian Coca <bcoca@users.noreply.github.com> | 2016-09-20 10:42:27 -0400 |
commit | a49cd08832a4a948920297b628f6c255d5c6a498 (patch) | |
tree | 0e1a0bcbdc5611e83a2f8b08407b04f6cc0e233e | |
parent | 12a7027c49f03e969f219bab816bfb928005bacf (diff) | |
download | ansible-modules-core-a49cd08832a4a948920297b628f6c255d5c6a498.tar.gz |
Add support for password aging on Solaris (#4372)
* Add support for password aging on Solaris
* Fix shadow file editing when {MIN,MAX,WARN}WEEKS is not set in /etc/default/passwd
* Un-break with python3
* _Really_ un-break with python3
-rw-r--r-- | system/user.py | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/system/user.py b/system/user.py index 505bc3e4..9c1c9ada 100644 --- a/system/user.py +++ b/system/user.py @@ -1238,6 +1238,29 @@ class SunOS(User): distribution = None SHADOWFILE = '/etc/shadow' + def get_password_defaults(self): + # Read password aging defaults + try: + minweeks = '' + maxweeks = '' + warnweeks = '' + for line in open("/etc/default/passwd", 'r'): + line = line.strip() + if (line.startswith('#') or line == ''): + continue + key, value = line.split('=') + if key == "MINWEEKS": + minweeks = value.rstrip('\n') + elif key == "MAXWEEKS": + maxweeks = value.rstrip('\n') + elif key == "WARNWEEKS": + warnweeks = value.rstrip('\n') + except Exception: + err = get_exception() + self.module.fail_json(msg="failed to read /etc/default/passwd: %s" % str(err)) + + return (minweeks, maxweeks, warnweeks) + def remove_user(self): cmd = [self.module.get_bin_path('userdel', True)] if self.remove: @@ -1295,6 +1318,7 @@ class SunOS(User): if not self.module.check_mode: # we have to set the password by editing the /etc/shadow file if self.password is not None: + minweeks, maxweeks, warnweeks = self.get_password_defaults() try: lines = [] for line in open(self.SHADOWFILE, 'rb').readlines(): @@ -1304,6 +1328,12 @@ class SunOS(User): continue fields[1] = self.password fields[2] = str(int(time.time() / 86400)) + if minweeks: + fields[3] = str(int(minweeks) * 7) + if maxweeks: + fields[4] = str(int(maxweeks) * 7) + if warnweeks: + fields[5] = str(int(warnweeks) * 7) line = ':'.join(fields) lines.append('%s\n' % line) open(self.SHADOWFILE, 'w+').writelines(lines) @@ -1382,6 +1412,7 @@ class SunOS(User): if self.update_password == 'always' and self.password is not None and info[1] != self.password: (rc, out, err) = (0, '', '') if not self.module.check_mode: + minweeks, maxweeks, warnweeks = self.get_password_defaults() try: lines = [] for line in open(self.SHADOWFILE, 'rb').readlines(): @@ -1391,6 +1422,12 @@ class SunOS(User): continue fields[1] = self.password fields[2] = str(int(time.time() / 86400)) + if minweeks: + fields[3] = str(int(minweeks) * 7) + if maxweeks: + fields[4] = str(int(maxweeks) * 7) + if warnweeks: + fields[5] = str(int(warnweeks) * 7) line = ':'.join(fields) lines.append('%s\n' % line) open(self.SHADOWFILE, 'w+').writelines(lines) |