Wrap getpwnam in try/except in authorized_key module

This also adds module as an argument to keyfile().
Stephen Fromm 2012-11-07 16:43:09 -08:00
parent 75d3b77454
commit 3ec64d19a8


@ -71,7 +71,7 @@ import os.path
import tempfile import tempfile
import shutil import shutil
def keyfile(user, write=False): def keyfile(module, user, write=False):
""" """
Calculate name of authorized keys file, optionally creating the Calculate name of authorized keys file, optionally creating the
directories and file, properly setting permissions. directories and file, properly setting permissions.
@ -81,7 +81,10 @@ def keyfile(user, write=False):
:return: full path string to authorized_keys for user :return: full path string to authorized_keys for user
""" """
try:
user_entry = pwd.getpwnam(user) user_entry = pwd.getpwnam(user)
except KeyError, e:
module.fail_json(msg="Failed to lookup user %s: %s" % (user, str(e)))
homedir = user_entry.pw_dir homedir = user_entry.pw_dir
sshdir = os.path.join(homedir, ".ssh") sshdir = os.path.join(homedir, ".ssh")
keysfile = os.path.join(sshdir, "authorized_keys") keysfile = os.path.join(sshdir, "authorized_keys")
@ -137,7 +140,7 @@ def enforce_state(module, params):
state = params.get("state", "present") state = params.get("state", "present")
# check current state -- just get the filename, don't create file # check current state -- just get the filename, don't create file
params["keyfile"] = keyfile(user, write=False) params["keyfile"] = keyfile(module, user, write=False)
keys = readkeys(params["keyfile"]) keys = readkeys(params["keyfile"])
present = key in keys present = key in keys
@ -146,13 +149,13 @@ def enforce_state(module, params):
if present: if present:
module.exit_json(changed=False) module.exit_json(changed=False)
keys.append(key) keys.append(key)
writekeys(module, keyfile(user,write=True), keys) writekeys(module, keyfile(module, user,write=True), keys)
elif state=="absent": elif state=="absent":
if not present: if not present:
module.exit_json(changed=False) module.exit_json(changed=False)
keys.remove(key) keys.remove(key)
writekeys(module, keyfile(user,write=True), keys) writekeys(module, keyfile(module, user,write=True), keys)
params['changed'] = True params['changed'] = True
return params return params
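Review bot: In the `-81,7 +81,10` hunk, `homedir = user_entry.pw_dir` after the new `except` is only safe because `module.fail_json` is expected to end the process. If it ever returns (for example with a stubbed module object in a test), `user_entry` is unbound and the failure surfaces as a NameError rather than the lookup message. A short comment above that line, such as `# fail_json exits, so user_entry is always bound here`, would make the dependency explicit. The docstring lines between the first two hunks are untouched by this commit, so the new `module` parameter is presumably undocumented; a line like `:param module: module object, used to report a failed user lookup` would cover it. keyfile's body continues outside the hunk.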