Update user module to use new shared module code

reviewable/pr18780/r1
Stephen Fromm 13 years ago
parent b279f1aea2
commit 47cd5de2cc

238
user

@ -17,65 +17,26 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>. # along with Ansible. If not, see <http://www.gnu.org/licenses/>.
try:
import json
except ImportError:
import simplejson as json
import os import os
import re
import pwd import pwd
import grp import grp
import shlex
import subprocess import subprocess
import sys
import syslog
try: try:
import spwd import spwd
HAVE_SPWD=True HAVE_SPWD=True
except: except:
HAVE_SPWD=False HAVE_SPWD=False
USERADD = "/usr/sbin/useradd" def get_bin_path(module, arg):
USERMOD = "/usr/sbin/usermod" if os.path.exists('/usr/sbin/%s' % arg):
USERDEL = "/usr/sbin/userdel" return '/usr/sbin/%s' % arg
elif os.path.exists('/sbin/%s' % arg):
def exit_json(rc=0, **kwargs): return '/sbin/%s' % arg
if 'name' in kwargs:
add_user_info(kwargs)
print json.dumps(kwargs)
sys.exit(rc)
def fail_json(**kwargs):
kwargs['failed'] = True
exit_json(rc=1, **kwargs)
def add_user_info(kwargs):
name = kwargs['name']
if user_exists(name):
kwargs['state'] = 'present'
info = user_info(name)
if info == False:
if 'failed' in kwargs:
kwargs['notice'] = "failed to look up user name: %s" % name
else:
kwargs['msg'] = "failed to look up user name: %s" % name
kwargs['failed'] = True
return kwargs
kwargs['uid'] = info[2]
kwargs['group'] = info[3]
kwargs['comment'] = info[4]
kwargs['home'] = info[5]
kwargs['shell'] = info[6]
kwargs['createhome'] = os.path.exists(info[5])
groups = user_group_membership(name)
if len(groups) > 0:
kwargs['groups'] = groups
else: else:
kwargs['state'] = 'absent' module.fail_json(msg="Cannot find %s" % arg)
return kwargs
def user_del(user, **kwargs): def user_del(module, user, **kwargs):
cmd = [USERDEL] cmd = [get_bin_path(module, 'userdel')]
for key in kwargs: for key in kwargs:
if key == 'force' and kwargs[key] == 'yes': if key == 'force' and kwargs[key] == 'yes':
cmd.append('-f') cmd.append('-f')
@ -87,21 +48,21 @@ def user_del(user, **kwargs):
rc = p.returncode rc = p.returncode
return (rc, out, err) return (rc, out, err)
def user_add(user, **kwargs): def user_add(module, user, **kwargs):
cmd = [USERADD] cmd = [get_bin_path(module, 'useradd')]
for key in kwargs: for key in kwargs:
if key == 'uid' and kwargs[key] is not None: if key == 'uid' and kwargs[key] is not None:
cmd.append('-u') cmd.append('-u')
cmd.append(kwargs[key]) cmd.append(kwargs[key])
elif key == 'group' and kwargs[key] is not None: elif key == 'group' and kwargs[key] is not None:
if not group_exists(kwargs[key]): if not group_exists(kwargs[key]):
fail_json(msg="Group %s does not exist" % (kwargs[key])) module.fail_json(msg="Group %s does not exist" % (kwargs[key]))
cmd.append('-g') cmd.append('-g')
cmd.append(kwargs[key]) cmd.append(kwargs[key])
elif key == 'groups' and kwargs[key] is not None: elif key == 'groups' and kwargs[key] is not None:
for g in kwargs[key].split(','): for g in kwargs[key].split(','):
if not group_exists(g): if not group_exists(g):
fail_json(msg="Group %s does not exist" % (g)) module.fail_json(msg="Group %s does not exist" % (g))
cmd.append('-G') cmd.append('-G')
cmd.append(kwargs[key]) cmd.append(kwargs[key])
elif key == 'comment' and kwargs[key] is not None: elif key == 'comment' and kwargs[key] is not None:
@ -134,8 +95,8 @@ def user_add(user, **kwargs):
Without spwd, we would have to resort to reading /etc/shadow Without spwd, we would have to resort to reading /etc/shadow
to get the encrypted string. For now, punt on idempotent password changes. to get the encrypted string. For now, punt on idempotent password changes.
""" """
def user_mod(user, **kwargs): def user_mod(module, user, **kwargs):
cmd = [USERMOD] cmd = [get_bin_path(module, 'usermod')]
info = user_info(user) info = user_info(user)
for key in kwargs: for key in kwargs:
if key == 'uid': if key == 'uid':
@ -144,7 +105,7 @@ def user_mod(user, **kwargs):
cmd.append(kwargs[key]) cmd.append(kwargs[key])
elif key == 'group' and kwargs[key] is not None: elif key == 'group' and kwargs[key] is not None:
if not group_exists(kwargs[key]): if not group_exists(kwargs[key]):
fail_json(msg="Group %s does not exist" % (kwargs[key])) module.fail_json(msg="Group %s does not exist" % (kwargs[key]))
ginfo = group_info(group) ginfo = group_info(group)
if info[3] != ginfo[2]: if info[3] != ginfo[2]:
cmd.append('-g') cmd.append('-g')
@ -154,7 +115,7 @@ def user_mod(user, **kwargs):
groups = kwargs[key].split(',') groups = kwargs[key].split(',')
for g in groups: for g in groups:
if not group_exists(g): if not group_exists(g):
fail_json(msg="Group %s does not exist" % (g)) module.fail_json(msg="Group %s does not exist" % (g))
group_diff = set(sorted(current_groups)).symmetric_difference(set(sorted(groups))) group_diff = set(sorted(current_groups)).symmetric_difference(set(sorted(groups)))
groups_need_mod = False groups_need_mod = False
@ -250,111 +211,102 @@ def user_info(user):
# =========================================== # ===========================================
if not os.path.exists(USERADD): def main():
if os.path.exists("/sbin/useradd"): module = AnsibleModule(
USERADD = "/sbin/useradd" argument_spec = dict(
else: state=dict(default='present', choices=['present', 'absent']),
fail_json(msg="Cannot find useradd") name=dict(required=True),
if not os.path.exists(USERMOD): uid=dict(default=None),
if os.path.exists("/sbin/usermod"): group=dict(default=None),
USERMOD = "/sbin/usermod" groups=dict(default=None),
else: comment=dict(default=None),
fail_json(msg="Cannot find usermod") home=dict(default=None),
if not os.path.exists(USERDEL): shell=dict(default=None),
if os.path.exists("/sbin/userdel"): password=dict(default=None),
USERDEL = "/sbin/userdel" # following options are specific to userdel
else: force=dict(default='no', choices=['yes', 'no']),
fail_json(msg="Cannot find userdel") remove=dict(default='no', choices=['yes', 'no']),
# following options are specific to useradd
argfile = sys.argv[1] createhome=dict(default='yes', choices=['yes', 'no']),
args = open(argfile, 'r').read() system=dict(default='no', choices=['yes', 'no']),
items = shlex.split(args) # following options are specific to usermod
syslog.openlog('ansible-%s' % os.path.basename(__file__)) append=dict(default='no', choices=['yes', 'no']),
log_args = re.sub(r'password=.+ (.*)', r"password=NOT_LOGGING_PASSWORD \1", args) )
syslog.syslog(syslog.LOG_NOTICE, 'Invoked with %s' % log_args) )
if not len(items):
fail_json(msg='the module requires arguments -a')
sys.exit(1)
params = {}
for x in items:
(k, v) = x.split("=")
params[k] = v
state = params.get('state','present') state = module.params['state']
name = params.get('name', None) name = module.params['name']
uid = params.get('uid', None) uid = module.params['uid']
group = params.get('group', None) group = module.params['group']
groups = params.get('groups', None) groups = module.params['groups']
comment = params.get('comment', None) comment = module.params['comment']
home = params.get('home', None) home = module.params['home']
shell = params.get('shell', None) shell = module.params['shell']
password = params.get('password', None) password = module.params['password']
force = module.params['force']
remove = module.params['remove']
createhome = module.params['createhome']
system = module.params['system']
append = module.params['append']
# =========================================== rc = None
# following options are specific to userdel out = ''
force = params.get('force', 'no') err = ''
remove = params.get('remove', 'no') result = {}
result['name'] = name
# =========================================== result['state'] = state
# following options are specific to useradd if state == 'absent':
createhome = params.get('createhome', 'yes')
system = params.get('system', 'no')
# ===========================================
# following options are specific to usermod
append = params.get('append', 'no')
if state not in [ 'present', 'absent' ]:
fail_json(msg='invalid state')
if createhome not in [ 'yes', 'no' ]:
fail_json(msg='invalid createhome')
if system not in ['yes', 'no']:
fail_json(msg='invalid system')
if append not in [ 'yes', 'no' ]:
fail_json(msg='invalid append')
if force not in ['yes', 'no']:
fail_json(msg="invalid option for force, requires yes or no (defaults to no)")
if remove not in ['yes', 'no']:
fail_json(msg="invalid option for remove, requires yes or no (defaults to no)")
if name is None:
fail_json(msg='name is required')
rc = None
out = ''
err = ''
result = {}
result['name'] = name
if state == 'absent':
if user_exists(name): if user_exists(name):
(rc, out, err) = user_del(name, force=force, remove=remove) (rc, out, err) = user_del(module, name, force=force, remove=remove)
if rc != 0: if rc != 0:
fail_json(name=name, msg=err) module.fail_json(name=name, msg=err, rc=rc)
result['force'] = force result['force'] = force
result['remove'] = remove result['remove'] = remove
elif state == 'present': elif state == 'present':
if not user_exists(name): if not user_exists(name):
(rc, out, err) = user_add(name, uid=uid, group=group, groups=groups, (rc, out, err) = user_add(module,
name, uid=uid, group=group, groups=groups,
comment=comment, home=home, shell=shell, comment=comment, home=home, shell=shell,
password=password, createhome=createhome, password=password, createhome=createhome,
system=system) system=system)
result['system'] = system
result['createhome'] = createhome
else: else:
(rc, out, err) = user_mod(name, uid=uid, group=group, groups=groups, (rc, out, err) = user_mod(module,
name, uid=uid, group=group, groups=groups,
comment=comment, home=home, shell=shell, comment=comment, home=home, shell=shell,
password=password, append=append) password=password, append=append)
result['append'] = append
if rc is not None and rc != 0: if rc is not None and rc != 0:
fail_json(name=name, msg=err) module.fail_json(name=name, msg=err, rc=rc)
if password is not None: if password is not None:
result['password'] = 'NOTLOGGINGPASSWORD' result['password'] = 'NOT_LOGGING_PASSWORD'
if rc is None: if rc is None:
result['changed'] = False result['changed'] = False
else: else:
result['changed'] = True result['changed'] = True
if out: if out:
result['stdout'] = out result['stdout'] = out
if err: if err:
result['stderr'] = err result['stderr'] = err
exit_json(**result) if user_exists(name):
sys.exit(0) info = user_info(name)
if info == False:
result['msg'] = "failed to look up user name: %s" % name
result['failed'] = True
result['uid'] = info[2]
result['group'] = info[3]
result['comment'] = info[4]
result['home'] = info[5]
result['shell'] = info[6]
groups = user_group_membership(name)
result['uid'] = info[2]
if len(groups) > 0:
result['groups'] = groups
module.exit_json(**result)
# include magic from lib/ansible/module_common.py
#<<INCLUDE_ANSIBLE_MODULE_COMMON>>
main()
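Review bot: In the new tail of `main()`, the `if info == False:` branch only sets `result['msg']` and `result['failed']` and then, as far as this flattened rendering shows, falls through to `result['uid'] = info[2]`, which raises a TypeError on a failed lookup instead of returning a JSON failure. Replacing the two assignments with `module.fail_json(name=name, msg="failed to look up user name: %s" % name)` restores the early exit the removed `add_user_info` had; the second `result['uid'] = info[2]` a few lines later is redundant. Separately, moving argument parsing into `main()` makes `group` a local, so the unchanged `ginfo = group_info(group)` in `user_mod` no longer appears to have a `group` in scope and probably should read `group_info(kwargs[key])`; `user_mod`'s body is only partly visible here. The commit also drops the `re.sub(r'password=.+ (.*)', ...)` masking that ran before the syslog call, so it is worth confirming that the shared module code masks `password` when it logs the invocation, since that code is not shown on this page.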
