mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
user: don't generate SSH keys in check mode
Fixes https://github.com/ansible/ansible/issues/11768 Test plan: - (in a Vagrant VM) created a user 'bob' with no ssh key - ran the following playbook in check mode: --- - hosts: trusty tasks: - user: name=bob state=present generate_ssh_key=yes - saw that ansible-playbook reported "changes=1" - saw that /home/bob/.ssh was still absent - ran the playbook for real - saw that /home/bob/.ssh was created - ran the playbook in check mode again - saw that ansible-playbook reported no changes - tried a variation with a different username for a user that didn't exist: ansible-playbook --check worked correctly (no errors, reported "changed")
This commit is contained in:
parent
270c2e8bbd
commit
f97d00fbad
1 changed files with 6 additions and 1 deletions
|
@ -577,11 +577,13 @@ class User(object):
|
||||||
|
|
||||||
def ssh_key_gen(self):
|
def ssh_key_gen(self):
|
||||||
info = self.user_info()
|
info = self.user_info()
|
||||||
if not os.path.exists(info[5]):
|
if not os.path.exists(info[5]) and not self.module.check_mode:
|
||||||
return (1, '', 'User %s home directory does not exist' % self.name)
|
return (1, '', 'User %s home directory does not exist' % self.name)
|
||||||
ssh_key_file = self.get_ssh_key_path()
|
ssh_key_file = self.get_ssh_key_path()
|
||||||
ssh_dir = os.path.dirname(ssh_key_file)
|
ssh_dir = os.path.dirname(ssh_key_file)
|
||||||
if not os.path.exists(ssh_dir):
|
if not os.path.exists(ssh_dir):
|
||||||
|
if self.module.check_mode:
|
||||||
|
return (0, '', '')
|
||||||
try:
|
try:
|
||||||
os.mkdir(ssh_dir, 0700)
|
os.mkdir(ssh_dir, 0700)
|
||||||
os.chown(ssh_dir, info[2], info[3])
|
os.chown(ssh_dir, info[2], info[3])
|
||||||
|
@ -589,6 +591,8 @@ class User(object):
|
||||||
return (1, '', 'Failed to create %s: %s' % (ssh_dir, str(e)))
|
return (1, '', 'Failed to create %s: %s' % (ssh_dir, str(e)))
|
||||||
if os.path.exists(ssh_key_file):
|
if os.path.exists(ssh_key_file):
|
||||||
return (None, 'Key already exists', '')
|
return (None, 'Key already exists', '')
|
||||||
|
if self.module.check_mode:
|
||||||
|
return (0, '', '')
|
||||||
cmd = [self.module.get_bin_path('ssh-keygen', True)]
|
cmd = [self.module.get_bin_path('ssh-keygen', True)]
|
||||||
cmd.append('-t')
|
cmd.append('-t')
|
||||||
cmd.append(self.ssh_type)
|
cmd.append(self.ssh_type)
|
||||||
|
@ -2148,6 +2152,7 @@ def main():
|
||||||
|
|
||||||
# deal with ssh key
|
# deal with ssh key
|
||||||
if user.sshkeygen:
|
if user.sshkeygen:
|
||||||
|
# generate ssh key (note: this function is check mode aware)
|
||||||
(rc, out, err) = user.ssh_key_gen()
|
(rc, out, err) = user.ssh_key_gen()
|
||||||
if rc is not None and rc != 0:
|
if rc is not None and rc != 0:
|
||||||
module.fail_json(name=user.name, msg=err, rc=rc)
|
module.fail_json(name=user.name, msg=err, rc=rc)
|
||||||
|
|
Loading…
Reference in a new issue