Wrap getpwnam in try/except in authorized_key module
This also adds module as an argument to keyfile().
parent
75d3b77454
commit
3ec64d19a8
1 changed files with 8 additions and 5 deletions
|
@ -71,7 +71,7 @@ import os.path
|
||||||
import tempfile
|
import tempfile
|
||||||
import shutil
|
import shutil
|
||||||
|
|
||||||
def keyfile(user, write=False):
|
def keyfile(module, user, write=False):
|
||||||
"""
|
"""
|
||||||
Calculate name of authorized keys file, optionally creating the
|
Calculate name of authorized keys file, optionally creating the
|
||||||
directories and file, properly setting permissions.
|
directories and file, properly setting permissions.
|
||||||
|
@ -81,7 +81,10 @@ def keyfile(user, write=False):
|
||||||
:return: full path string to authorized_keys for user
|
:return: full path string to authorized_keys for user
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
try:
|
||||||
user_entry = pwd.getpwnam(user)
|
user_entry = pwd.getpwnam(user)
|
||||||
|
except KeyError, e:
|
||||||
|
module.fail_json(msg="Failed to lookup user %s: %s" % (user, str(e)))
|
||||||
homedir = user_entry.pw_dir
|
homedir = user_entry.pw_dir
|
||||||
sshdir = os.path.join(homedir, ".ssh")
|
sshdir = os.path.join(homedir, ".ssh")
|
||||||
keysfile = os.path.join(sshdir, "authorized_keys")
|
keysfile = os.path.join(sshdir, "authorized_keys")
|
||||||
|
@ -137,7 +140,7 @@ def enforce_state(module, params):
|
||||||
state = params.get("state", "present")
|
state = params.get("state", "present")
|
||||||
|
|
||||||
# check current state -- just get the filename, don't create file
|
# check current state -- just get the filename, don't create file
|
||||||
params["keyfile"] = keyfile(user, write=False)
|
params["keyfile"] = keyfile(module, user, write=False)
|
||||||
keys = readkeys(params["keyfile"])
|
keys = readkeys(params["keyfile"])
|
||||||
present = key in keys
|
present = key in keys
|
||||||
|
|
||||||
|
@ -146,13 +149,13 @@ def enforce_state(module, params):
|
||||||
if present:
|
if present:
|
||||||
module.exit_json(changed=False)
|
module.exit_json(changed=False)
|
||||||
keys.append(key)
|
keys.append(key)
|
||||||
writekeys(module, keyfile(user,write=True), keys)
|
writekeys(module, keyfile(module, user,write=True), keys)
|
||||||
|
|
||||||
elif state=="absent":
|
elif state=="absent":
|
||||||
if not present:
|
if not present:
|
||||||
module.exit_json(changed=False)
|
module.exit_json(changed=False)
|
||||||
keys.remove(key)
|
keys.remove(key)
|
||||||
writekeys(module, keyfile(user,write=True), keys)
|
writekeys(module, keyfile(module, user,write=True), keys)
|
||||||
|
|
||||||
params['changed'] = True
|
params['changed'] = True
|
||||||
return params
|
return params
|
||||||
|
|
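Review bot: The docstring of `keyfile` was not extended for the new `module` parameter or for the new failure path in the second hunk. All 8 added lines are code, so a line such as `:param module: module object; fail_json is called on it when the user is not in the passwd database` is still missing. The line `homedir = user_entry.pw_dir` after the `except` only works if `module.fail_json` never returns, because otherwise `user_entry` is unbound. A short comment like `# fail_json() does not return, so user_entry is always set below` would record that assumption for the next reader. The message also repeats the user name if `str(e)` already contains it, which looks likely for a `getpwnam` KeyError but should be confirmed. The body of `keyfile`, including the part that creates the directory and file when `write=True`, continues outside the visible hunks and was not reviewed here.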