From 822cdf68423b162d6eaf7c9bcd71e4461b0b9397 Mon Sep 17 00:00:00 2001 From: rohitthakur2590 Date: Mon, 18 Mar 2024 00:26:34 +0530 Subject: [PATCH] Fix root user authentication Signed-off-by: rohitthakur2590 --- changelogs/fragments/fix_root_auth.yaml | 4 ++++ plugins/modules/junos_user.py | 13 ++++++++----- .../targets/junos_user/tests/netconf/basic.yaml | 10 ++++++++++ 3 files changed, 22 insertions(+), 5 deletions(-) create mode 100644 changelogs/fragments/fix_root_auth.yaml diff --git a/changelogs/fragments/fix_root_auth.yaml b/changelogs/fragments/fix_root_auth.yaml new file mode 100644 index 00000000..fd9fb4b3 --- /dev/null +++ b/changelogs/fragments/fix_root_auth.yaml @@ -0,0 +1,4 @@ +--- +bugfixes: + - This fix provide the fucationality to + configure root-authentication->enrypted_password when user is root. diff --git a/plugins/modules/junos_user.py b/plugins/modules/junos_user.py index 018dd88f..acbaf281 100644 --- a/plugins/modules/junos_user.py +++ b/plugins/modules/junos_user.py @@ -258,7 +258,6 @@ def handle_purge(module, want): def map_obj_to_ele(module, want): element = Element("system") - login = SubElement(element, "login") for item in want: if item["state"] != "present": @@ -269,15 +268,15 @@ def map_obj_to_ele(module, want): operation = "merge" if item["name"] != "root": + login = SubElement(element, "login") user = SubElement(login, "user", {"operation": operation}) SubElement(user, "name").text = item["name"] else: - user = auth = SubElement( + user = SubElement( element, "root-authentication", {"operation": operation}, ) - if operation == "merge": if item["name"] == "root" and (not item["active"] or item["role"] or item["full_name"]): module.fail_json( @@ -308,8 +307,12 @@ def map_obj_to_ele(module, want): SubElement(ssh_rsa, "name").text = item["sshkey"] if item.get("encrypted_password"): - auth = SubElement(user, "authentication") - SubElement(auth, "encrypted-password").text = item["encrypted_password"] + if item["name"] == "root": + if "encrypted_password" in item: + SubElement(user, "encrypted-password").text = item["encrypted_password"] + else: + auth = SubElement(user, "authentication") + SubElement(auth, "encrypted-password").text = item["encrypted_password"] return element diff --git a/tests/integration/targets/junos_user/tests/netconf/basic.yaml b/tests/integration/targets/junos_user/tests/netconf/basic.yaml index 119519a6..873e48e0 100644 --- a/tests/integration/targets/junos_user/tests/netconf/basic.yaml +++ b/tests/integration/targets/junos_user/tests/netconf/basic.yaml @@ -199,6 +199,16 @@ - result.diff.prepared is search("\- *user test_user1") - result.diff.prepared is search("\- *user test_user2") +- name: Change Admin user password + register: result + junipernetworks.junos.junos_user: + name: root + encrypted_password: "{{ 'test' | password_hash('sha512')}}" + +- ansible.builtin.assert: + that: + - result.changed == true + - ansible.builtin.debug: msg="END junos_user netconf/basic.yaml on connection={{ ansible_connection }}"