From 0fd3ece053dc26c4e83cae2ed5866c7f18fbfa38 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Gross?=
 <seb•ɑƬ•chezwam•ɖɵʈ•org>
Date: Thu, 26 Feb 2015 15:10:28 +0100
Subject: [PATCH] Allow '*' as empty password.

If `password` is defined as `*` `useradd` or `usermod` returns an error:

    msg: usermod: Invalid password: `*'

This works very well on Linux host to not define any password for a
user (mainly useful if your setup is only based on SSH keys for
auth). On OpenBSD this does not work, so we have to ignore the encrypted
password parameter if it defined as `*`.
---
 lib/ansible/modules/system/user.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/ansible/modules/system/user.py b/lib/ansible/modules/system/user.py
index b5d335a1154..7e3e4c01cd3 100755
--- a/lib/ansible/modules/system/user.py
+++ b/lib/ansible/modules/system/user.py
@@ -933,7 +933,7 @@ class OpenBSDUser(User):
             cmd.append('-L')
             cmd.append(self.login_class)
 
-        if self.password is not None:
+        if self.password is not None and self.password != '*':
             cmd.append('-p')
             cmd.append(self.password)
 
@@ -1031,7 +1031,8 @@ class OpenBSDUser(User):
                 cmd.append('-L')
                 cmd.append(self.login_class)
 
-        if self.update_password == 'always' and self.password is not None and info[1] != self.password:
+        if self.update_password == 'always' and self.password is not None \
+           and self.password != '*' and info[1] != self.password:
             cmd.append('-p')
             cmd.append(self.password)