You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
According to the documentation, icx_user has a field update_password which is either 'always' or 'on_create'.
If set to on_create it should only set the password on creation of the user, but it appears to reset it every time the play is run, generating a new hash and logging that a change has occurred.
From a quick search of the repo, it doesn't look as though there's actually any code that looks at that value, unless it's somewhere outside of the repo itself.
The password not to be reset every time the play is run
ACTUAL RESULTS
Every time the play is run with no changes to the play or variables, it shows a change was made and on checking on the switch, the encoded password has been modified.
SSH@test#sh users
Username Password Encrypt Priv Status Expire Time
======================================================================================================================
foo $1$aopQ......... enabled 0 enabled Never
# Run the play again
SSH@test#sh users
Username Password Encrypt Priv Status Expire Time
======================================================================================================================
foo $1$tYRP........ enabled 0 enabled Never
The text was updated successfully, but these errors were encountered:
sjwk
changed the title
icx_user - update_password not honoured?
icx_user - update_password flag not honoured?
Jan 28, 2023
If anyone else wants to fix it, here's the Quick-start dev guide that can help.
Stuff in this collection needs more maintainers, so if you're interested, feel free to pick things up!
We'd be happy to assist along the way.
SUMMARY
According to the documentation, icx_user has a field update_password which is either 'always' or 'on_create'.
If set to on_create it should only set the password on creation of the user, but it appears to reset it every time the play is run, generating a new hash and logging that a change has occurred.
From a quick search of the repo, it doesn't look as though there's actually any code that looks at that value, unless it's somewhere outside of the repo itself.
ISSUE TYPE
COMPONENT NAME
icx_user
ANSIBLE VERSION
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
STEPS TO REPRODUCE
EXPECTED RESULTS
The password not to be reset every time the play is run
ACTUAL RESULTS
Every time the play is run with no changes to the play or variables, it shows a change was made and on checking on the switch, the encoded password has been modified.
The text was updated successfully, but these errors were encountered: