Unsupported parameters for (ansible.builtin.user) module

[MaxPowers1337]

Description

Task "Set password ageing for existing regular (non-system, non-root) accounts" fails on fresh ubuntu 22.04.

ansible-galaxy collection install devsec.hardening

- hosts: localhost
  collections:
    - devsec.hardening
  roles:
    - os_hardening
    - ssh_hardening
  vars:
    sysctl_overwrite:
      # Enable IPv4 traffic forwarding for docker.
      net.ipv4.ip_forward: 1`

Reproduction steps

1. Fresh install of ubuntu 22.04
2. run os and ssh hardening roles in version 8.60

Current Behavior

TASK [devsec.hardening.os_hardening : Set password ageing for existing regular (non-system, non-root) accounts] ********************************************************************************************* failed: [localhost] (item=fallback) => {"ansible_loop_var": "item", "changed": false, "item": "fallback", "msg": "Unsupported parameters for (ansible.builtin.user) module: password_expire_max, password_expire_min Supported parameters include: append, authorization, comment, create_home, expires, force, generate_ssh_key, group, groups, hidden, home, local, login_class, move_home, name, non_unique, password, password_lock, profile, remove, role, seuser, shell, skeleton, ssh_key_bits, ssh_key_comment, ssh_key_file, ssh_key_passphrase, ssh_key_type, state, system, uid, update_password"}

Expected Behavior

no error :)

OS / Environment

$ uname -a
Linux mydomain 5.15.0-67-generic #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

$ cat /etc/os-release 
PRETTY_NAME="Ubuntu 22.04.2 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.2 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

Ansible Version

$ ansible --version
ansible 2.10.8
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.10.6 (main, Nov 14 2022, 16:10:14) [GCC 11.3.0]

Collection Version

$ ansible-galaxy collection list | grep dev
devsec.hardening  8.6.0

Additional information

...

[rndmh3ro]

The installed version 2.10.8 is out of support from ansible.
we can check if we could work around this but generally you should install a supported version.

[MaxPowers1337]

Oh my bad. Installed a new os and automatically assumed I got recent Versions. Thank you! Am 8. März 2023 17:44:56 schrieb Sebastian Gumprich ***@***.***>:

…

The installed version 2.10.8 is out of support from ansible. we can check if we could work around this but generally you should install a supported version.— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you authored the thread.Message ID: ***@***.***>

[koolwilly72]

Is this issue resolved now?

[airglow923]

Hi @koolwilly72, ansible from system repositories can be outdated. You can install the latest version from pip.

$ pip3 install ansible