When a user home dir is not created with `useradd`, the home dir will now
be created with umask from /etc/login.defs. Also fixed a bug in which
after a local user is deleted, and the same user exists in the central
user management system, the module would create that user's home.
* Simplify logic and add FreeBSD & NetBSD
* Remove incorrect flag for lock and unlock on FreeBSD
* Add tests and changelog
Co-authored-by: Chris Gadd <gaddman@email.com>
* Allow bang and exclamation without warning
Allow the password field to be ! or * without warning when using this feature to create accounts that are locked.
Add documentation and tests to cover this.
* Use set() rather than braces for Python 2.6
When creating a new account, check to see if the expiration parameter is negative and pass in the appropriate parameter. Since the negative integer passed into expires is converted to time.struct_time which in turn gets converted to a formatted time string when passed to the underlying command, a -1 or large negative number would result in passing a date before 1970-01-01 to the underlying command.
This had the opposite effect of creating an account with no expiration account resulting in a newly created account that was already expired, or just throwing an error on certain systems.
* Add backup option
* Only backup shadow file when the OS has one
* Only backup shadow file for SunOS
* Update docs on backup feature
* Add changelog fragment
* Add tests for shadow backup
* Remove backup option, make it automatic
Remove the option to enable/disable backups and make it automatic. Add note to docs describing this behavior.
Change tests to account for new module behavior.
Change section name in changelog fragment since minor_features is not a valid section.
* strip additional comments from /etc/default/passwd
Strip trailling comments from /etc/default/passwd like
MINWEEKS=1 #MINWEEKS=2
MAXWEEKS=12 # MAXWEEKS=8
Which otherwise cause failures with "failed to read /etc/default/passwd: too many values to unpack"
* fix carriage return typo in commit
* yet another typo in commit
* Fix indent problem
* add changelog fragment for PR 43931
* Check the password format
Check the password format and notify user if they
input unencrypted password.
* Fix sanity error
* Add integration test
* Missed a task name
* Hard code the testing password
Since some testing platfrom has no passlib installed
* Add changelog fragment
* Rework some English sentences
* Fix a grammar mistake
* Only report change when home directory is different
Add tests with home: parameter
Have to skip macOS for now since there is a bug when specifying the home directory path for an existing user that results in a module failure. That needs to be fixed in a separate PR.
* fix a (forgotten?) change in moving createhome -> create_home
Fix for following bug on FreeBSD host whith user module:
```
fatal: [webssp]: FAILED! => {"changed": false, "module_stderr": "X11 forwarding request failed
Traceback (most recent call last):
File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 2487, in <module>
main()\n File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 2426, in main
(rc, out, err) = user.modify_user()
File \"/tmp/ansible_2rmlBl/ansible_module_user.py\", line 1011, in modify_user
if (info[5] != self.home and self.move_home) or (not os.path.exists(self.home) and self.createhome):
AttributeError: 'FreeBsdUser' object has no attribute 'createhome'
", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 1}
```
It happenned with 'createhome' AND with 'create_home' form, with python 2.7 AND python 3.6
* Add changelog
Co-authored-by: dgeo <dgeo@users.noreply.github.com>
* Allow negative values to expires to unexpire a user
Fixes#20096
(cherry picked from commit 34f8080a19c09cd20ec9c045fca1e37ef74bb1e6)
(cherry picked from commit 54619f70f4b79f121c5062d54e9732d3cbb24377)
(cherry picked from commit 8c2fae27d6e2af810112032bb1dfef5459035b7e)
(cherry picked from commit db1a32f8caa8c8b9f989baa65784d4b2b5cad1f8)
* tweaked and normalized
- also added tests, made checking resilient
* Only change expiration date if it is different
Modify user_info() method to also return the password expiration.
Compare current and desired expiration times and only change if they are different.
* Improve formatting on user tests
* Add integration test for expiration
* Add changelog fragment
* Improve integration test
Skip macOS and use getent module for validating expiration date.
* Fix expiration change for FreeBSD
* Don't use datetime since the total_seconds method isn't available on CentOS 6
* Use better name for expiration index field
Use separate tasks for verifying expiration date on BSD
* Use calendar.timegm() rather than time.mktime()
calendar.timegm() is the inverse of time.gmtime() and returns a timestamp in UTC not localtime
Add tests that change the system timezone away from UTC
* Mark tests as destructive and use test for change status
* Fix account expiration for FreeBSD
Use DATE_FORMAT when setting expiration date on FreeBSD. Previously the argument passed to -e was an integer of days since epoch when the account will expire which was inserted directly into master.passwd. This value is interpreted as seconds since epoch by the system, meaning the account expiration was actually set to a few hours past epoch.
Greatly simply comparing desired and current expiration time by using the first three values of the struct_time tuple rather than doing a whole bunch of manipulations of the seconds since epoch.
* add user password lock option to user module
* fixup! add user password lock option to user module
* add unlock, set no default
* fixup! add unlock, set no default
* fixup! fixup! add unlock, set no default
* add lock password for FreeBSD, netBSD
* fixup! add lock password for FreeBSD, netBSD
* respect skeleton argument in usermod mode for FreeBSD
* use FreeBSD's own (more sophisticated) home creation function rather than ansible's create_home(), which does not handle skeleton files correctly for FreeBSD
* Ansible files module sanity pep8 fixes
* Ansible system module and playbook base.py
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Undo empty lines not required by sanity checks
* Various changes
* Various changes
* Various changes
* Various changes
* Undo blank lines not required by sanity checks
* Various changes
* Various changes
* Various changes
* Various changes
* Various changes
* Undo blank line changes not required by sanity checks
* Various changes
* Various changes
* Various changes
* Various changes
* Various changes
* Missing piece after merge
* Blank lines
* Blank line
* Line too long
* Fix typo
* Unnecessary quotes
* Fix example error
Dag Wieers
Christopher Gadd
Strahinja Kustudic
soulofmischief
Toshio Kuratomi
jpdasma
Martin Krizek
Sam Doran
Tom Matthews
Zhikang Zhang
dgeo
Troy Murray
Artem Goncharov
bengerman
Brian Coca
Matt Clay
lazouz
Brian Coca
Adam Furbee
Job Evers‐Meltzer
abelbabel
Lutz Reinhardt
tobald
Jonathan Towne
Abhijeet Kasurde
Ryan Groten
Russell Parks
Yadnyawalkya Tale
Reid Wahl
Mike