Skip to content

Commit

Permalink
Add password support to user state
Browse files Browse the repository at this point in the history
  • Loading branch information
@thatch45
thatch45 committed Nov 13, 2011
1 parent 7884696 commit a87d6cf
Show file tree
Hide file tree
Showing 2 changed files with 48 additions and 13 deletions.
39 changes: 26 additions & 13 deletions salt/modules/shadow.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,21 +13,33 @@ def info(name):
salt '*' shadow.user root
'''
data = spwd.getspnam(name)
return {
'name': data.sp_nam,
'pwd': data.sp_pwd,
'lstchg': data.sp_lstchg,
'min': data.sp_min,
'max': data.sp_max,
'warn': data.sp_warn,
'inact': data.sp_inact,
'expire': data.sp_expire}
try:
data = spwd.getspnam(name)
ret = {
'name': data.sp_nam,
'pwd': data.sp_pwd,
'lstchg': data.sp_lstchg,
'min': data.sp_min,
'max': data.sp_max,
'warn': data.sp_warn,
'inact': data.sp_inact,
'expire': data.sp_expire}
except KeyError:
ret = {
'name': '',
'pwd': '',
'lstchg': '',
'min': '',
'max': '',
'warn': '',
'inact': '',
'expire': ''}
return ret

def set_password(name, password):
'''
Set the password for a named user. The password must be a properly defined
hash. The password hash can be generated with:
Set the password for a named user, the password must be a properly defined
hash, the password hash can be generated with this command:
``openssl passwd -1 <plaintext password>``
CLI Example::
Expand All @@ -46,8 +58,9 @@ def set_password(name, password):
continue
comps[1] = password
line = ':'.join(comps)
lines.append(line)
lines.append('{0}\n'.format(line))
open(s_file, 'w+').writelines(lines)
print name
uinfo = info(name)
if uinfo['pwd'] == password:
return True
Expand Down
22 changes: 22 additions & 0 deletions salt/states/user.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ def present(
gid=None,
groups=None,
home=False,
password=None,
shell='/bin/bash'
):
'''
Expand All @@ -46,13 +47,18 @@ def present(
home
The location of the home directory to manage
password
A password hash to set for the user
shell
The login shell, defaults to /bin/bash
'''
ret = {'name': name,
'changes': {},
'result': True,
'comment': 'User {0} is present and up to date'.format(name)}
print password
lshad = __salt__['shadow.info'](name)
for lusr in __salt__['user.getent']():
# Scan over the users
if lusr['name'] == name:
Expand All @@ -78,18 +84,34 @@ def present(
if lusr['shell'] != shell:
# Fix the shell
__salt__['user.chshell'](name, shell)
if password:
if lshad['pwd'] != password:
# Set the new password
__salt__['shadow.set_password'](name, password)
post = __salt__['user.info'](name)
spost = __salt__['shadow.info'](name)
# See if anything changed
for key in post:
if post[key] != pre[key]:
ret['changes'][key] = post[key]
for key in spost:
if lshad[key] != spost[key]:
ret['changes'][key] = spost[key]
if ret['changes']:
ret['comment'] = 'Updated user {0}'.format(name)
return ret
# The user is not present, make it!
if __salt__['user.add'](name, uid, gid, groups, home, shell):
ret['comment'] = 'New user {0} created'.format(name)
ret['changes'] = __salt__['user.info'](name)
if password:
__salt__['shadow.set_password'](name, password)
spost = __salt__['shadow.info'](name)
if spost['pwd'] != password:
ret['comment'] = ('User {0} created but failed to set'
' password to {1}').format(name, password)
ret['result'] = False
ret['changes']['password'] = password
else:
ret['comment'] = 'Failed to create new user {0}'.format(name)
ret['result'] = False
Expand Down

0 comments on commit a87d6cf

Please sign in to comment.