Allow for changing user passwords #60
Conversation
|
I like this pull request. This also solves the no_log problem in the |
| copy: | ||
| content: | | ||
| {{ user.password }} | ||
| {{ user.password }} |
There was a problem hiding this comment.
Is this intentionally the same thing twice?
There was a problem hiding this comment.
Yes. As you can see from the shell command later, the contents of this file are just catted into smbpasswd. smbpasswd asks for the password and then password confirmation right after, so we need to enter it twice.
There was a problem hiding this comment.
Might be worth adding a comment to that effect to prevent someone "fixing" it in the future :)
| --- | ||
| - block: | ||
| - name: Create tmpfile | ||
| tempfile: |
There was a problem hiding this comment.
Might be cleaner (and arguably more secure) to use tempfile for this.
There was a problem hiding this comment.
I'm not sure I follow? The tempfile module is being used here.
There was a problem hiding this comment.
Apologies, I was looking at something else and got confused - you're right of course.
This PR should allow for both the creation and update of Samba user passwords. In addition, it stores sensitive passwords in temporary files instead of printing them out on the command line where they could be seen in a process listing.