From 23f5b3b635aba0998a0625a243a7cb88a74c8a59 Mon Sep 17 00:00:00 2001
From: Sam Doran <sdoran@redhat.com>
Date: Mon, 14 Oct 2019 15:44:22 -0400
Subject: [PATCH] [stable-2.9] user - fix shadow file parsing on AIX (#62547)

Initialize variables in case the shadow file is not found.
Handle IndexErrors if something goes wrong with file parsing.
(cherry picked from commit e9d10f94b7)

Co-authored-by: Sam Doran <sdoran@redhat.com>
---
 .../user-aix-shadow-unbound-local.yaml        |  2 ++
 lib/ansible/modules/system/user.py            | 34 ++++++++++---------
 2 files changed, 20 insertions(+), 16 deletions(-)
 create mode 100644 changelogs/fragments/user-aix-shadow-unbound-local.yaml

diff --git a/changelogs/fragments/user-aix-shadow-unbound-local.yaml b/changelogs/fragments/user-aix-shadow-unbound-local.yaml
new file mode 100644
index 00000000000..f1283dc6ea8
--- /dev/null
+++ b/changelogs/fragments/user-aix-shadow-unbound-local.yaml
@@ -0,0 +1,2 @@
+bugfixes:
+  - user - fix stack trace on AIX when attempting to parse shadow file that does not exist (https://github.com/ansible/ansible/issues/62510)
diff --git a/lib/ansible/modules/system/user.py b/lib/ansible/modules/system/user.py
index 9cf9947281f..00dec5f8978 100644
--- a/lib/ansible/modules/system/user.py
+++ b/lib/ansible/modules/system/user.py
@@ -2501,29 +2501,31 @@ class AIX(User):
         """
 
         b_name = to_bytes(self.name)
+        b_passwd = b''
+        b_expires = b''
         if os.path.exists(self.SHADOWFILE) and os.access(self.SHADOWFILE, os.R_OK):
             with open(self.SHADOWFILE, 'rb') as bf:
                 b_lines = bf.readlines()
 
             b_passwd_line = b''
             b_expires_line = b''
-            for index, b_line in enumerate(b_lines):
-                # Get password and lastupdate lines which come after the username
-                if b_line.startswith(b'%s:' % b_name):
-                    b_passwd_line = b_lines[index + 1]
-                    b_expires_line = b_lines[index + 2]
-                    break
-
-            # Sanity check the lines because sometimes both are not present
-            if b' = ' in b_passwd_line:
-                b_passwd = b_passwd_line.split(b' = ', 1)[-1].strip()
-            else:
-                b_passwd = b''
+            try:
+                for index, b_line in enumerate(b_lines):
+                    # Get password and lastupdate lines which come after the username
+                    if b_line.startswith(b'%s:' % b_name):
+                        b_passwd_line = b_lines[index + 1]
+                        b_expires_line = b_lines[index + 2]
+                        break
 
-            if b' = ' in b_expires_line:
-                b_expires = b_expires_line.split(b' = ', 1)[-1].strip()
-            else:
-                b_expires = b''
+                # Sanity check the lines because sometimes both are not present
+                if b' = ' in b_passwd_line:
+                    b_passwd = b_passwd_line.split(b' = ', 1)[-1].strip()
+
+                if b' = ' in b_expires_line:
+                    b_expires = b_expires_line.split(b' = ', 1)[-1].strip()
+
+            except IndexError:
+                self.module.fail_json(msg='Failed to parse shadow file %s' % self.SHADOWFILE)
 
         passwd = to_native(b_passwd)
         expires = to_native(b_expires) or -1