docs: Extend password entry of ansible.builtin.user (#79694)

* docs: Extend password entry of ansible.builtin.user Clarify that `password` sets the password hash. Not the actual password. Fixes part of #79684
1 year ago · 6cd1a1404a
parent 2164d5699c
commit 6cd1a1404a
1 changed files with 5 additions and 4 deletions
--- a/lib/ansible/modules/user.py
+++ b/lib/ansible/modules/user.py
@ -86,12 +86,13 @@ options:
        version_added: "2.0"
    password:
        description:
-            - Optionally set the user's password to this encrypted value.
-            - On macOS systems, this value has to be cleartext. Beware of security issues.
+            - If provided, set the user's password to the provided encrypted hash (Linux) or plain text password (macOS).
+            - B(Linux/Unix/POSIX:) Enter the hashed password as the value.
+            - See L(FAQ entry,https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module)
+              for details on various ways to generate the hash of a password.
            - To create an account with a locked/disabled password on Linux systems, set this to C('!') or C('*').
            - To create an account with a locked/disabled password on OpenBSD, set this to C('*************').
-            - See L(FAQ entry,https://docs.ansible.com/ansible/latest/reference_appendices/faq.html#how-do-i-generate-encrypted-passwords-for-the-user-module)
-              for details on various ways to generate these password values.
+            - B(OS X/macOS:) Enter the cleartext password as the value. Be sure to take relevant security precautions.
        type: str
    state:
        description: