ansible/test/integration/targets/user/tasks
Sam Doran 264e08f21a
user - properly handle password and password lock when used together (#73016)
Do the right thing on Linux when password lock and a password hash are provided by writing
out the password hash prepended by the appropriate lock string rather than using -U and -L.
This is the correct way to set and lock the account in one command.

On BSD, run separate commands as appropriate since locking and setting the password cannot 
be done in a single action.

FreeBSD requires running several commands to get the account in the desired state. As a result,
the rc, output, and error from all commands need to be combined and evaluated so an accurate
and complete summary can be given at the end of module execution.

* Improve integration tests to cover this scenario.
* Break up user integration tests into smaller files
* Properly lock account when creating a new account and password is supplied

* Simplify rc collection in FreeBSD class
  Since the _handle_lock() method was added, the rc would be set to None, which could make
  task change reporting incorrect. My first attempt to solve this used a set and was a bit too
  complicated. Simplify it my comparing the rc from _handle_lock() and the current value of rc.

* Improve the Linux password hash and locking behavior
  If password lock and hash are provided, set the hash and lock the account by using a password
  hash since -L cannot be used with -p.

* Ensure -U and -L are not combined with -p since they are mutually exclusive to usermod.

* Clarify password_lock behavior.
2021-01-11 11:42:35 -05:00
..
main.yml
test_create_system_user.yml
test_create_user.yml
test_create_user_home.yml
test_create_user_password.yml
test_create_user_uid.yml
test_expires.yml
test_expires_new_account.yml
test_expires_new_account_epoch_negative.yml
test_local.yml
test_local_expires.yml
test_no_home_fallback.yml
test_password_lock.yml
test_password_lock_new_user.yml
test_remove_user.yml
test_shadow_backup.yml
test_ssh_key_passphrase.yml