valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-08 09:23:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Normalize the 'pwd' field in shadow.info output

Browse Source 
This makes this field match the corresponding field in user.info. This
also updates the docstring for set_password to be more descriptive.
This commit is contained in:
Erik Johnson 2013-06-26 00:30:05 -05:00
parent 62391367df
commit 508d8166a8
1 changed files with 16 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
salt/modules/shadow.py
View File

@ -14,16 +14,7 @@ import salt.utils
def __virtual__(): def __virtual__():
''' return 'shadow' if __grains__.get('kernel', '') == 'Linux' else False
Only work on POSIX-like systems
'''
# Disable on Windows, a specific file module exists:
if salt.utils.is_windows() or __grains__['kernel'] in (
'SunOS', 'NetBSD'
):
return False
return 'shadow'
def info(name): def info(name):
@ -38,7 +29,7 @@ def info(name):
data = spwd.getspnam(name) data = spwd.getspnam(name)
ret = { ret = {
'name': data.sp_nam, 'name': data.sp_nam,
'pwd': data.sp_pwd, 'passwd': data.sp_pwd if data.sp_pwd != '!' else '',
'lstchg': data.sp_lstchg, 'lstchg': data.sp_lstchg,
'min': data.sp_min, 'min': data.sp_min,
'max': data.sp_max, 'max': data.sp_max,
@ -46,9 +37,9 @@ def info(name):
'inact': data.sp_inact, 'inact': data.sp_inact,
'expire': data.sp_expire} 'expire': data.sp_expire}
except KeyError: except KeyError:
ret = { return {
'name': '', 'name': '',
'pwd': '', 'passwd': '',
'lstchg': '', 'lstchg': '',
'min': '', 'min': '',
'max': '', 'max': '',
@ -118,16 +109,22 @@ def set_mindays(name, mindays):
def set_password(name, password, use_usermod=False): def set_password(name, password, use_usermod=False):
''' '''
Set the password for a named user. The password must be a properly defined Set the password for a named user. The password must be a properly defined
hash, the password hash can be generated with this command: hash. The password hash can be generated with this command:
``python -c "import crypt, getpass, pwd; print crypt.crypt('password', '\\$6\\$SALTsalt\\$')"``
``python -c "import crypt; print crypt.crypt('password',
'$6$SALTsalt')"``
``SALTsalt`` is the 8-character crpytographic salt. Valid characters in the
salt are ``.``, ``/``, and any alphanumeric character.
Keep in mind that the $6 represents a sha512 hash, if your OS is using a Keep in mind that the $6 represents a sha512 hash, if your OS is using a
different hashing algorithm this needs to be changed accordingly different hashing algorithm this needs to be changed accordingly
CLI Example:: CLI Example::
salt '*' shadow.set_password root $1$UYCIxa628.9qXjpQCjM4a.. salt '*' shadow.set_password root '$1$UYCIxa628.9qXjpQCjM4a..'
''' '''
if not use_usermod: if not salt.utils.is_true(use_usermod):
# Edit the shadow file directly # Edit the shadow file directly
s_file = '/etc/shadow' s_file = '/etc/shadow'
ret = {} ret = {}
@ -146,13 +143,13 @@ def set_password(name, password, use_usermod=False):
with salt.utils.fopen(s_file, 'w+') as fp_: with salt.utils.fopen(s_file, 'w+') as fp_:
fp_.writelines(lines) fp_.writelines(lines)
uinfo = info(name) uinfo = info(name)
return uinfo['pwd'] == password return uinfo['passwd'] == password
else: else:
# Use usermod -p (less secure, but more feature-complete) # Use usermod -p (less secure, but more feature-complete)
cmd = 'usermod -p {0} {1}'.format(name, password) cmd = 'usermod -p {0} {1}'.format(name, password)
__salt__['cmd.run'](cmd) __salt__['cmd.run'](cmd)
uinfo = info(name) uinfo = info(name)
return uinfo['pwd'] == password return uinfo['passwd'] == password
def set_warndays(name, warndays): def set_warndays(name, warndays):