Merge pull request #31857 from sjorge/solarish_shadow

gen_password and del_password missing from solaris_shadow
2025-04-17 10:10:20 +00:00 · 2016-03-14 14:29:50 -06:00 · 2016-03-14 14:29:50 -06:00 · d357e4ea44
commit d357e4ea44
parent 1b0b2d3f1a 38231303f3
1 changed files with 67 additions and 0 deletions
--- a/salt/modules/solaris_shadow.py
+++ b/salt/modules/solaris_shadow.py
@ -19,6 +19,13 @@ except ImportError:

 # Import salt libs
 import salt.utils
+from salt.exceptions import CommandExecutionError
+try:
+    import salt.utils.pycrypto
+    HAS_CRYPT = True
+except ImportError:
+    HAS_CRYPT = False
+

 # Define the module's virtual name
 __virtualname__ = 'shadow'
@ -190,6 +197,66 @@ def set_mindays(name, mindays):
    return False


+def gen_password(password, crypt_salt=None, algorithm='sha512'):
+    '''
+    .. versionadded:: 2015.8.9
+
+    Generate hashed password
+
+    .. note::
+
+        When called this function is called directly via remote-execution,
+        the password argument may be displayed in the system's process list.
+        This may be a security risk on certain systems.
+
+    password
+        Plaintext password to be hashed.
+
+    crypt_salt
+        Crpytographic salt. If not given, a random 8-character salt will be
+        generated.
+
+    algorithm
+        The following hash algorithms are supported:
+
+        * md5
+        * blowfish (not in mainline glibc, only available in distros that add it)
+        * sha256
+        * sha512 (default)
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' shadow.gen_password 'I_am_password'
+        salt '*' shadow.gen_password 'I_am_password' crypt_salt='I_am_salt' algorithm=sha256
+    '''
+    if not HAS_CRYPT:
+        raise CommandExecutionError(
+                'gen_password is not available on this operating system '
+                'because the "crypt" python module is not available.'
+                )
+    return salt.utils.pycrypto.gen_hash(crypt_salt, password, algorithm)
+
+
+def del_password(name):
+    '''
+    .. versionadded:: 2015.8.9
+
+    Delete the password from name user
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' shadow.del_password username
+    '''
+    cmd = 'passwd -d {0}'.format(name)
+    __salt__['cmd.run'](cmd, python_shell=False, output_loglevel='quiet')
+    uinfo = info(name)
+    return not uinfo['passwd']
+
+
 def set_password(name, password):
    '''
    Set the password for a named user. The password must be a properly defined