Added note about password being returned as plaintext in the returned job info

2024-11-06 16:45:27 +00:00 · 2016-02-01 09:00:52 +01:00 · 2016-02-01 09:00:52 +01:00 · 205d7eceb4
commit 205d7eceb4
parent 3aeafd7f54
1 changed files with 17 additions and 2 deletions
--- a/salt/modules/mac_keychain.py
+++ b/salt/modules/mac_keychain.py
@ -39,7 +39,10 @@ def install(cert, password, keychain="/Library/Keychains/System.keychain", allow

    password
        The password for the certificate being installed formatted in the way
-        described for openssl command in the PASS PHRASE ARGUMENTS section
+        described for openssl command in the PASS PHRASE ARGUMENTS section.
+
+        Note: The password given here will show up as plaintext in the job returned
+        info.

    keychain
        The keychain to install the certificate to, this defaults to
@ -52,6 +55,9 @@ def install(cert, password, keychain="/Library/Keychains/System.keychain", allow
        If your keychain is likely to be locked pass the password and it will be unlocked
        before running the import

+        Note: The password given here will show up as plaintext in the returned job
+        info.
+

    '''
    if keychain_password is not None:
@ -84,6 +90,9 @@ def uninstall(cert_name, keychain="/Library/Keychains/System.keychain", keychain
        If your keychain is likely to be locked pass the password and it will be unlocked
        before running the import

+        Note: The password given here will show up as plaintext in the returned job
+        info.
+

    '''
    if keychain_password is not None:
@ -131,6 +140,9 @@ def get_friendly_name(cert, password):
        The password for the certificate being installed formatted in the way
        described for openssl command in the PASS PHRASE ARGUMENTS section

+        Note: The password given here will show up as plaintext in the returned job
+        info.
+
    '''
    cmd = 'openssl pkcs12 -in {0} -passin pass:{1} -info -nodes -nokeys 2> /dev/null | grep friendlyName:'.format(cert,
                                                                                                                  password)
@ -185,7 +197,10 @@ def unlock_keychain(keychain, password):
        The keychain to unlock

    password
-        The password to use
+        The password to use to unlock the keychain.
+
+        Note: The password given here will show up as plaintext in the returned job
+        info.                

    '''
    cmd = 'security unlock-keychain -p {0} {1}'.format(password, keychain)