Compatibility with el5
Closed this issue · 8 comments
Hi,
I'm just wondering if your module is compatible with rhel/centos5 which have python2.4.
Sadly, it seems that the spwd module isn't included in version 2.4
Are the any solution you can suggest to make your module compatible with those older systems?
Thanks for your response.
Hi @angystardust , thanks for taking an interest in my module.
You are correct, spwd is not available in Python 2.4 (it was introduced in 2.5).
Options...
- The Python
spwdmodule is just a C code extension which provides access to thegetsp*()functions in the C library. These C library routines are available in Centos 5 (I just verified in a Docker container) so the Python extension could probably be back-ported to Python 2.4. But this would require customisation of the Python installation on your managed nodes. - Look at the possibility of updating to at least Python 2.5 on your managed nodes.
- I could modify the module to read the
/etc/shadowfile directly if thespwdPython module is not available. Modification would still be via thechagecommand.
I'm guessing you'd prefer option 3 ?
:-)
You guessed: option number 3! 😄
@angystardust that's fixed.
I'd be grateful if you could give it a quick test and let me know if it works.
Wow! It looks great! I'll test it as soon as I can and i'll be back to you for my comments.
Thanks a lot
Hi @lqueryvg and sorry for the late reply but I was on vacation 🌴
I can confirm that your module works both on el5 and el6 (still haven't tested with el7) but it doesn't seem to respect the idempotency features of ansible.
In other words, every time I run an ad-hoc command using your module, it produces a change even if the configuration of the user is already applied:
[root@server ansible]# ansible -vvv as2-pre -M /srv/ansible/library/ -m chage -a 'user=user01 sp_expire=2016-07-01'
<10.220.20.134> ESTABLISH CONNECTION FOR USER: root on PORT 22 TO 10.220.20.134
<10.220.20.134> REMOTE_MODULE chage user=user01 sp_expire=2016-07-01
<10.220.20.134> EXEC /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1465391877.86-60425506293546 && echo $HOME/.ansible/tmp/ansible-tmp-1465391877.86-60425506293546'
<10.220.20.134> PUT /tmp/tmpYHCt2s TO /root/.ansible/tmp/ansible-tmp-1465391877.86-60425506293546/chage
<10.220.20.134> EXEC /bin/sh -c 'LANG=C LC_CTYPE=C /usr/bin/env python /root/.ansible/tmp/ansible-tmp-1465391877.86-60425506293546/chage; rm -rf /root/.ansible/tmp/ansible-tmp-1465391877.86-60425506293546/ >/dev/null 2>&1'
as2-pre | success >> {
"changed": true,
"shadow": {
"sp_expire": "2016-07-01",
"sp_flag": "",
"sp_inact": "",
"sp_lstchg": "",
"sp_max": "99999",
"sp_min": "0",
"sp_nam": "user01",
"sp_pwd": "$1$Asnipsnipsnip97Lpf.HtIv/",
"sp_warn": "7"
}
}
[root@server ansible]# ansible -vvv as2-pre -M /srv/ansible/library/ -m chage -a 'user=user01 sp_expire=2016-07-01'
<10.220.20.134> ESTABLISH CONNECTION FOR USER: root on PORT 22 TO 10.220.20.134
<10.220.20.134> REMOTE_MODULE chage user=user01 sp_expire=2016-07-01
<10.220.20.134> EXEC /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1465392323.15-105644358053577 && echo $HOME/.ansible/tmp/ansible-tmp-1465392323.15-105644358053577'
<10.220.20.134> PUT /tmp/tmpJJAOZT TO /root/.ansible/tmp/ansible-tmp-1465392323.15-105644358053577/chage
<10.220.20.134> EXEC /bin/sh -c 'LANG=C LC_CTYPE=C /usr/bin/env python /root/.ansible/tmp/ansible-tmp-1465392323.15-105644358053577/chage; rm -rf /root/.ansible/tmp/ansible-tmp-1465392323.15-105644358053577/ >/dev/null 2>&1'
as2-pre | success >> {
"changed": true,
"shadow": {
"sp_expire": "2016-07-01",
"sp_flag": "",
"sp_inact": "",
"sp_lstchg": "",
"sp_max": "99999",
"sp_min": "0",
"sp_nam": "user01",
"sp_pwd": "$1$Asnipsnipsnip97Lpf.HtIv/",
"sp_warn": "7"
}
}
Do you want me to open a new issue about that?
Hi @angystardust, thanks for pointing out this bug.
It must be a regression because I'm sure this worked before.
Yes, please put the above in a new issue and I'll hopefully fix it tonight.
FYI, I can see what's causing the problem...
The sp_expire is stored as number of days since epoch, whereas the change command (and module) accepts a string of the form YYYY-MM-DD.
My module simply compares the two to see if a change is needed.
I'll need to convert the string to a number of days beforehand.
@angystardust, this is now fixed in the latest commit.
I created issue #2 for it.