From 0ead4306a8ca74f604283cb91a8864f5e25917cf Mon Sep 17 00:00:00 2001 From: Baptiste Mille-Mathias Date: Tue, 21 Jul 2020 21:50:44 +0200 Subject: [PATCH] user - Create home and parent directories only when requested (#70600) The home user and the parents directories should only be created when create_home == True --- ...-create-home-when-create_home-is-false.yml | 2 + lib/ansible/modules/user.py | 13 ++++--- test/integration/targets/user/tasks/main.yml | 38 ++++++++++++++++++- 3 files changed, 46 insertions(+), 7 deletions(-) create mode 100644 changelogs/fragments/70600-user-module-dont-create-home-when-create_home-is-false.yml diff --git a/changelogs/fragments/70600-user-module-dont-create-home-when-create_home-is-false.yml b/changelogs/fragments/70600-user-module-dont-create-home-when-create_home-is-false.yml new file mode 100644 index 00000000000..bafb6d1adf0 --- /dev/null +++ b/changelogs/fragments/70600-user-module-dont-create-home-when-create_home-is-false.yml @@ -0,0 +1,2 @@ +bugfixes: +- "user - don't create home directory and missing parents when create_home == false (https://github.com/ansible/ansible/pull/70600)." diff --git a/lib/ansible/modules/user.py b/lib/ansible/modules/user.py index 2a59ef0bc58..866f706287b 100644 --- a/lib/ansible/modules/user.py +++ b/lib/ansible/modules/user.py @@ -634,11 +634,12 @@ class User(object): if self.home is not None: # If the specified path to the user home contains parent directories that - # do not exist, first create the home directory since useradd cannot - # create parent directories - parent = os.path.dirname(self.home) - if not os.path.isdir(parent): - self.create_homedir(self.home) + # do not exist and create_home is True first create the parent directory + # since useradd cannot create it. + if self.create_home: + parent = os.path.dirname(self.home) + if not os.path.isdir(parent): + self.create_homedir(self.home) cmd.append('-d') cmd.append(self.home) @@ -2940,7 +2941,7 @@ def main(): # Check to see if the provided home path contains parent directories # that do not exist. path_needs_parents = False - if user.home: + if user.home and user.create_home: parent = os.path.dirname(user.home) if not os.path.isdir(parent): path_needs_parents = True diff --git a/test/integration/targets/user/tasks/main.yml b/test/integration/targets/user/tasks/main.yml index c084bd42c5f..534dd92547e 100644 --- a/test/integration/targets/user/tasks/main.yml +++ b/test/integration/targets/user/tasks/main.yml @@ -226,7 +226,6 @@ - user_test3_3 is changed when: ansible_facts.system != 'Darwin' - # https://github.com/ansible/ansible/issues/41393 # Create a new user account with a path that has parent directories that do not exist - name: Create user with home path that has parents that do not exist @@ -285,6 +284,43 @@ state: absent remove: yes +# https://github.com/ansible/ansible/issues/70589 +# Create user with create_home: no and parent directory does not exist. +- name: "Check if parent dir for home dir for user exists (before)" + stat: + path: "{{ user_home_prefix[ansible_facts.system] }}/thereisnodir" + register: create_user_no_create_home_with_no_parent_parent_dir_before + +- name: "Create user with create_home == no and home path parent dir does not exist" + user: + name: randomuser + state: present + create_home: false + home: "{{ user_home_prefix[ansible_facts.system] }}/thereisnodir/randomuser" + register: create_user_no_create_home_with_no_parent + +- name: "Check if parent dir for home dir for user exists (after)" + stat: + path: "{{ user_home_prefix[ansible_facts.system] }}/thereisnodir" + register: create_user_no_create_home_with_no_parent_parent_dir_after + +- name: "Check if home for user is created" + stat: + path: "{{ user_home_prefix[ansible_facts.system] }}/thereisnodir/randomuser" + register: create_user_no_create_home_with_no_parent_home_dir + +- name: "Ensure user with non-existing parent paths with create_home: no was created successfully" + assert: + that: + - not create_user_no_create_home_with_no_parent_parent_dir_before.stat.exists + - not create_user_no_create_home_with_no_parent_parent_dir_after.stat.isdir is defined + - not create_user_no_create_home_with_no_parent_home_dir.stat.exists + +- name: Cleanup test account + user: + name: randomuser + state: absent + remove: yes ## user check