Ansible 'user' module won't set expected password
106 views
Skip to first unread message
Ansible Project
Sep 18, 2023, 3:43:23 PM9/18/23
to Ansible Project
Hi - I'm trying to use the ansible.builtin.user module to set the user's password as it creates a new user account. My task contains:
- name: Create oracle user
ansible.builtin.user:
name: oracle
state: present
uid: 54321
group: oinstall
groups: dba,asmdba,backupdba,dgdba,kmdba,racdba
password: "{{ 'ansible_password' | password_hash('sha512'), 'mysecretsalt' }}"
ansible.builtin.user:
name: oracle
state: present
uid: 54321
group: oinstall
groups: dba,asmdba,backupdba,dgdba,kmdba,racdba
password: "{{ 'ansible_password' | password_hash('sha512'), 'mysecretsalt' }}"
The value of 'ansible_password' is set in the inventory file; the password contains letters, numbers and special characters.
The Ansible play containing this code executes successfully. The 'oracle' account is created. But I'm not able to log into the account, using the value provided in the 'ansible_password' value. I've read the Ansible documentation and Google'd around, but don't see why this isn't working as expected.
Thoughts, please!
Thanks
tl
"Kosala Atapattu (කෝසල අතපත්තු)"
Sep 18, 2023, 3:52:17 PM9/18/23
to ansible...@googlegroups.com
Have you tried a simpler password to see whether it works?
Ko
Sent from my iPhone
On 19/09/2023, at 7:43 AM, 'Ansible Project' via Ansible Project <ansible...@googlegroups.com> wrote:
Hi - I'm trying to use the ansible.builtin.user module to set the user's password as it creates a new user account. My task contains:
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/561e1dbe-8df4-4819-a2f8-934751417205n%40googlegroups.com.
Dick Visser
Sep 18, 2023, 4:15:04 PM9/18/23
to ansible...@googlegroups.com
On Mon, 18 Sept 2023 at 21:43, 'Ansible Project' via Ansible Project <ansible...@googlegroups.com> wrote:
Hi - I'm trying to use the ansible.builtin.user module to set the user's password as it creates a new user account. My task contains:- name: Create oracle user
ansible.builtin.user:
name: oracle
state: present
uid: 54321
group: oinstall
groups: dba,asmdba,backupdba,dgdba,kmdba,racdba
password: "{{ 'ansible_password' | password_hash('sha512'), 'mysecretsalt' }}"The value of 'ansible_password' is set in the inventory file; the password contains letters, numbers and special characters.
The code you posted uses the quoted literal string 'ansible_password' as the password.
If you want the use the variable, then don't use quotes:
password: "{{ ansible_password | password_hash('sha512'), 'mysecretsalt' }}"
Another problem could be that the variable name you picked is reserved: https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html#connecting-to-hosts-behavioral-inventory-parameters
So pick something else, for example oracle_user_password.
Terry Lemons
Sep 18, 2023, 4:55:59 PM9/18/23
to Ansible Project
Hi Dick
- name: Create oracle user
ansible.builtin.user:
name: oracle
state: present
uid: 54321
group: oinstall
groups: dba,asmdba,backupdba,dgdba,kmdba,racdba
password: "{{ ansible_password | password_hash('sha512') }}"
Exactly! argh, I didn't see that problem. This worked fine:
- name: Create oracle user
ansible.builtin.user:
name: oracle
state: present
uid: 54321
group: oinstall
groups: dba,asmdba,backupdba,dgdba,kmdba,racdba
password: "{{ ansible_password | password_hash('sha512') }}"
Thanks very much for the help!
tl
Reply all
Reply to author
Forward
0 new messages