diff options
author | Sergey <6213510+sshnaidm@users.noreply.github.com> | 2022-07-06 20:54:04 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-06 12:54:04 -0500 |
commit | bdeeaa528dbc973ce0d93c58ccbd383bebc16fd4 (patch) | |
tree | aa6793fd70e0ea419bf336c19b17e67f3630d92f | |
parent | 6468bb0cb66ac6e0148ee05c800ad1e25b51bd95 (diff) | |
download | ansible-bdeeaa528dbc973ce0d93c58ccbd383bebc16fd4.tar.gz |
Fix 'Permission denied' in user module while generating SSH keys (#78040) (#78054)
* Fix 'Permission denied' in user module while generating SSH keys
Fix #78017
Use try/except for spwd usage to prevent "Permission denied".
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit 30a923fb5c164d6cd18280c02422f75e611e8fb2)
-rw-r--r-- | changelogs/fragments/permission-denied-spwd-module.yml | 2 | ||||
-rw-r--r-- | lib/ansible/modules/user.py | 12 |
2 files changed, 13 insertions, 1 deletions
diff --git a/changelogs/fragments/permission-denied-spwd-module.yml b/changelogs/fragments/permission-denied-spwd-module.yml new file mode 100644 index 0000000000..437df4bc2a --- /dev/null +++ b/changelogs/fragments/permission-denied-spwd-module.yml @@ -0,0 +1,2 @@ +bugfixes: + - user - Fix error "Permission denied" in user module while generating SSH keys (https://github.com/ansible/ansible/issues/78017). diff --git a/lib/ansible/modules/user.py b/lib/ansible/modules/user.py index b247ba3682..3e35e90fac 100644 --- a/lib/ansible/modules/user.py +++ b/lib/ansible/modules/user.py @@ -1052,7 +1052,17 @@ class User(object): max_needs_change = self.password_expire_max is not None if HAVE_SPWD: - shadow_info = spwd.getspnam(self.name) + try: + shadow_info = spwd.getspnam(self.name) + except KeyError: + return None, '', '' + except OSError as e: + # Python 3.6 raises PermissionError instead of KeyError + # Due to absence of PermissionError in python2.7 need to check + # errno + if e.errno in (errno.EACCES, errno.EPERM, errno.ENOENT): + return None, '', '' + raise min_needs_change &= self.password_expire_min != shadow_info.sp_min max_needs_change &= self.password_expire_max != shadow_info.sp_max |