Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow plaintext password to be used #23

Closed
wants to merge 3 commits into from
Closed

Allow plaintext password to be used #23

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ab1d680
Added shadowhash generation to data_bag recipe. Still need to move it…
patcon Oct 29, 2012
c968ee2
Moved plaintext password flag from data_bag into account LWRP.
patcon Oct 30, 2012
4fa9b20
Allow default password to be stored in user attr hash.
patcon Nov 20, 2012
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
16 changes: 14 additions & 2 deletions providers/account.rb
View file
Open in desktop
Expand Up @@ -23,11 +23,23 @@ def load_current_resource
@my_home = new_resource.home ||
"#{node['user']['home_root']}/#{new_resource.username}"
@my_shell = new_resource.shell || node['user']['default_shell']
@my_password = if bool(new_resource.use_plaintext, node['user']['use_plaintext'])
generate_hash_from_plaintext(new_resource.password || node['user']['password'])
else
new_resource.password || node['user']['password']
end
@manage_home = bool(new_resource.manage_home, node['user']['manage_home'])
@create_group = bool(new_resource.create_group, node['user']['create_group'])
@ssh_keygen = bool(new_resource.ssh_keygen, node['user']['ssh_keygen'])
end

def generate_hash_from_plaintext(plaintext_password)
require 'digest/sha2'
salt = rand(36**8).to_s(36)
shadow_hash = plaintext_password.crypt("$6$" + salt)
return shadow_hash
end

action :create do
user_resource :create
dir_resource :create
Expand Down Expand Up @@ -89,15 +101,15 @@ def normalize_bool(val)

def user_resource(exec_action)
# avoid variable scoping issues in resource block
my_home, my_shell, manage_home = @my_home, @my_shell, @manage_home
my_home, my_shell, manage_home, my_password = @my_home, @my_shell, @manage_home, @my_password

r = user new_resource.username do
comment new_resource.comment if new_resource.comment
uid new_resource.uid if new_resource.uid
gid new_resource.gid if new_resource.gid
home my_home if my_home
shell my_shell if my_shell
password new_resource.password if new_resource.password
password my_password if my_password
system new_resource.system_user
supports :manage_home => manage_home
action :nothing
Expand Down
2 changes: 1 addition & 1 deletion recipes/data_bag.rb
View file
Open in desktop
Expand Up @@ -34,7 +34,7 @@
username = u['username'] || u['id']

user_account username do
%w{comment uid gid home shell password system_user manage_home create_group
%w{comment uid gid home shell password use_plaintext system_user manage_home create_group
ssh_keys ssh_keygen}.each do |attr|
send(attr, u[attr]) if u[attr]
end
Expand Down
1 change: 1 addition & 0 deletions resources/account.rb
View file
Open in desktop
Expand Up @@ -28,6 +28,7 @@
attribute :home, :kind_of => String
attribute :shell, :kind_of => String
attribute :password, :kind_of => String
attribute :use_plaintext, :default => nil
attribute :system_user, :default => false
attribute :manage_home, :default => nil
attribute :create_group, :default => nil
Expand Down