264e08f21a
Do the right thing on Linux when password lock and a password hash are provided by writing out the password hash prepended by the appropriate lock string rather than using -U and -L. This is the correct way to set and lock the account in one command. On BSD, run separate commands as appropriate since locking and setting the password cannot be done in a single action. FreeBSD requires running several commands to get the account in the desired state. As a result, the rc, output, and error from all commands need to be combined and evaluated so an accurate and complete summary can be given at the end of module execution. * Improve integration tests to cover this scenario. * Break up user integration tests into smaller files * Properly lock account when creating a new account and password is supplied * Simplify rc collection in FreeBSD class Since the _handle_lock() method was added, the rc would be set to None, which could make task change reporting incorrect. My first attempt to solve this used a set and was a bit too complicated. Simplify it my comparing the rc from _handle_lock() and the current value of rc. * Improve the Linux password hash and locking behavior If password lock and hash are provided, set the hash and lock the account by using a password hash since -L cannot be used with -p. * Ensure -U and -L are not combined with -p since they are mutually exclusive to usermod. * Clarify password_lock behavior.
21 lines
567 B
YAML
21 lines
567 B
YAML
- name: Test shadow backup on Solaris
|
|
when: ansible_facts.os_family == 'Solaris'
|
|
block:
|
|
- name: Create a user to test shadow file backup
|
|
user:
|
|
name: ansibulluser
|
|
state: present
|
|
register: result
|
|
|
|
- name: Find shadow backup files
|
|
find:
|
|
path: /etc
|
|
patterns: 'shadow\..*~$'
|
|
use_regex: yes
|
|
register: shadow_backups
|
|
|
|
- name: Assert that a backup file was created
|
|
assert:
|
|
that:
|
|
- result.bakup
|
|
- shadow_backups.files | map(attribute='path') | list | length > 0
|