← Back to team overview

cloud-init-dev team mailing list archive

[Merge] ~rjschwei/cloud-init:handleUsrLocked into cloud-init:master

 

Robert Schweikert has proposed merging ~rjschwei/cloud-init:handleUsrLocked into cloud-init:master.

Commit message:
Handle a locked user

At present if the user exists and is already locked, either previous
user creation or user is created locked by default the lock action
exception is propagated. However, if the user is already locked we
have the condition we want to achieve and thus should move on.
Addresses lp#1793193


Requested reviews:
  cloud-init commiters (cloud-init-dev)
Related bugs:
  Bug #1793193 in cloud-init: "A locked user triggers an exception"
  https://bugs.launchpad.net/cloud-init/+bug/1793193

For more details, see:
https://code.launchpad.net/~rjschwei/cloud-init/+git/cloud-init/+merge/355254
-- 
Your team cloud-init commiters is requested to review the proposed merge of ~rjschwei/cloud-init:handleUsrLocked into cloud-init:master.
diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py
index b8a48e8..1c3f1ce 100644
--- a/cloudinit/distros/__init__.py
+++ b/cloudinit/distros/__init__.py
@@ -580,8 +580,15 @@ class Distro(object):
             # about long names.
             util.subp(['passwd', '-l', name])
         except Exception as e:
-            util.logexc(LOG, 'Failed to disable password for user %s', name)
-            raise e
+            if e.exit_code != 3:
+                util.logexc(
+                    LOG, 'Failed to disable password for user %s', name
+                )
+                raise e
+            else:
+                util.logexc(
+                    LOG, 'Password access already locked for user %s', name
+                )
 
     def set_passwd(self, user, passwd, hashed=False):
         pass_string = '%s:%s' % (user, passwd)
diff --git a/tests/unittests/test_distros/test_create_users.py b/tests/unittests/test_distros/test_create_users.py
index c3f258d..cf7cff9 100644
--- a/tests/unittests/test_distros/test_create_users.py
+++ b/tests/unittests/test_distros/test_create_users.py
@@ -45,6 +45,10 @@ class MyBaseDistro(distros.Distro):
         raise NotImplementedError()
 
 
+class UserLockedError(Exception):
+    exit_code = 3
+
+
 @mock.patch("cloudinit.distros.util.system_is_snappy", return_value=False)
 @mock.patch("cloudinit.distros.util.subp")
 class TestCreateUser(CiTestCase):
@@ -240,4 +244,13 @@ class TestCreateUser(CiTestCase):
             [mock.call(set(['auth1']), user),  # not disabled
              mock.call(set(['key1']), 'foouser', options=disable_prefix)])
 
+    def test_lock_passwd_already_locked(self, m_subp, m_is_snappy):
+        """Do not propagate the exception when user is already locked"""
+        m_subp.side_effect = UserLockedError()
+        user = 'foouser'
+        self.dist.lock_passwd(user)
+        self.assertIn(
+            'Password access already locked for user foouser',
+            self.logs.getvalue())
+
 # vi: ts=4 expandtab

Follow ups