Anons79 Mini Shell

Directory : /lib/python2.7/site-packages/ansible/modules/system/
Upload File :
Current File : //lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyo

�
�Udac@`sjddlmZmZmZeZidd6dgd6dd6ZdZd	Zd
Z	ddl
Z
ddlZddlZ
ddl
Z
ddlZddlZddlmZdd
lmZddlmZddlmZdefd��YZedeed�Zd�Zdd�Zd�Z d�Z!d�Z"d�Z#d�Z$d�Z%e&dkrfe%�ndS(i(tabsolute_importtdivisiontprint_functions1.1tmetadata_versiontpreviewtstatustcoretsupported_bys�
---
module: authorized_key
short_description: Adds or removes an SSH authorized key
description:
    - Adds or removes SSH authorized keys for particular user accounts.
version_added: "0.5"
options:
  user:
    description:
      - The username on the remote host whose authorized_keys file will be modified.
    type: str
    required: true
  key:
    description:
      - The SSH public key(s), as a string or (since Ansible 1.9) url (https://github.com/username.keys).
    type: str
    required: true
  path:
    description:
      - Alternate path to the authorized_keys file.
      - When unset, this value defaults to I(~/.ssh/authorized_keys).
    type: path
    version_added: "1.2"
  manage_dir:
    description:
      - Whether this module should manage the directory of the authorized key file.
      - If set to C(yes), the module will create the directory, as well as set the owner and permissions
        of an existing directory.
      - Be sure to set C(manage_dir=no) if you are using an alternate directory for authorized_keys,
        as set with C(path), since you could lock yourself out of SSH access.
      - See the example below.
    type: bool
    default: yes
    version_added: "1.2"
  state:
    description:
      - Whether the given key (with the given key_options) should or should not be in the file.
    type: str
    choices: [ absent, present ]
    default: present
  key_options:
    description:
      - A string of ssh key options to be prepended to the key in the authorized_keys file.
    version_added: "1.4"
  exclusive:
    description:
      - Whether to remove all other non-specified keys from the authorized_keys file.
      - Multiple keys can be specified in a single C(key) string value by separating them by newlines.
      - This option is not loop aware, so if you use C(with_) , it will be exclusive per iteration of the loop.
      - If you want multiple keys in the file you need to pass them all to C(key) in a single batch as mentioned above.
    type: bool
    default: no
    version_added: "1.9"
  validate_certs:
    description:
      - This only applies if using a https url as the source of the keys.
      - If set to C(no), the SSL certificates will not be validated.
      - This should only set to C(no) used on personally controlled sites using self-signed certificates as it avoids verifying the source site.
      - Prior to 2.1 the code worked as if this was set to C(yes).
    type: bool
    default: yes
    version_added: "2.1"
  comment:
    description:
      - Change the comment on the public key.
      - Rewriting the comment is useful in cases such as fetching it from GitHub or GitLab.
      - If no comment is specified, the existing comment will be kept.
    type: str
    version_added: "2.4"
  follow:
    description:
      - Follow path symlink instead of replacing it.
    type: bool
    default: no
    version_added: "2.7"
author: Ansible Core Team
s
- name: Set authorized key taken from file
  authorized_key:
    user: charlie
    state: present
    key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"

- name: Set authorized keys taken from url
  authorized_key:
    user: charlie
    state: present
    key: https://github.com/charlie.keys

- name: Set authorized key in alternate location
  authorized_key:
    user: charlie
    state: present
    key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
    path: /etc/ssh/authorized_keys/charlie
    manage_dir: False

- name: Set up multiple authorized keys
  authorized_key:
    user: deploy
    state: present
    key: '{{ item }}'
  with_file:
    - public_keys/doe-jane
    - public_keys/doe-john

- name: Set authorized key defining key options
  authorized_key:
    user: charlie
    state: present
    key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
    key_options: 'no-port-forwarding,from="10.0.1.1"'

- name: Set authorized key without validating the TLS/SSL certificates
  authorized_key:
    user: charlie
    state: present
    key: https://github.com/user.keys
    validate_certs: False

- name: Set authorized key, removing all the authorized keys already set
  authorized_key:
    user: root
    key: '{{ item }}'
    state: present
    exclusive: True
  with_file:
    - public_keys/doe-jane

- name: Set authorized key for user ubuntu copying it from current user
  authorized_key:
    user: ubuntu
    state: present
    key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}"
sP
exclusive:
  description: If the key has been forced to be exclusive or not.
  returned: success
  type: bool
  sample: False
key:
  description: The key that the module was running against.
  returned: success
  type: str
  sample: https://github.com/user.keys
key_option:
  description: Key options related to the key.
  returned: success
  type: str
  sample: null
keyfile:
  description: Path for authorized key file.
  returned: success
  type: str
  sample: /home/user/.ssh/authorized_keys
manage_dir:
  description: Whether this module managed the directory of the authorized key file.
  returned: success
  type: bool
  sample: True
path:
  description: Alternate path to the authorized_keys file
  returned: success
  type: str
  sample: null
state:
  description: Whether the given key (with the given key_options) should or should not be in the file
  returned: success
  type: str
  sample: present
unique:
  description: Whether the key is unique
  returned: success
  type: bool
  sample: false
user:
  description: The username on the remote host whose authorized_keys file will be modified
  returned: success
  type: str
  sample: user
validate_certs:
  description: This only applies if using a https url as the source of the keys. If set to C(no), the SSL certificates will not be validated.
  returned: success
  type: bool
  sample: true
N(t
itemgetter(t	to_native(t
AnsibleModule(t	fetch_urltkeydictcB`s_eZdZd�Zd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
d	�ZRS(
so a dictionary that maintains the order of keys as they are added

    This has become an abuse of the dict interface.  Probably should be
    rewritten to be an entirely custom object with methods instead of
    bracket-notation.

    Our requirements are for a data structure that:
    * Preserves insertion order
    * Can store multiple values for a single key.

    The present implementation has the following functions used by the rest of
    the code:

    * __setitem__(): to add a key=value.  The value can never be disassociated
      with the key, only new values can be added in addition.
    * items(): to retrieve the key, value pairs.

    Other dict methods should work but may be surprising.  For instance, there
    will be multiple keys that are the same in keys() and __getitem__() will
    return a list of the values that have been set via __setitem__.
    cO`s;tt|�j||�ttt|�j��|_dS(N(tsuperRt__init__tlisttkeystitemlist(tselftargstkw((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyRscC`sP|jj|�||kr0||j|�ntt|�j||g�dS(N(RtappendR
Rt__setitem__(Rtkeytvalue((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyRscC`s
t|j�S(N(titerR(R((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt__iter__scC`s|jS(N(R(R((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyRscc`s^i}xQ|jD]F}||kr5||cd7<n
d||<|||||fVqWdS(Nii(R(RtindexesR((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt_item_generators
cC`std��dS(Ns,Do not use this as it's not available on py3(tNotImplementedError(R((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt	iteritemsscC`st|j��S(N(RR(R((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pytitems scC`std��dS(Ns,Do not use this as it's not available on py3(R(R((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt
itervalues#scC`s!g|j�D]}|d^q
S(Ni(R(Rtitem((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pytvalues&s(t__name__t
__module__t__doc__RRRRRRRR R"(((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyR�s									cC`s�|jr5|d	k	r5|}|r1tjj|�S|Sytj|�}Wn[tk
r�}|jr�|d	kr�|jdd�n|jdd|t	|�f�nX|d	kr�|j
}	tjj|	d�}
tjj|
d�}ntjj|�}
|}|rtjj|�}n|s+|jr/|S|j
}|j}|r�tjj|
�s�tj|
tdd��|j�r�|j|
t�q�ntj|
||�tj|
tdd��ntjj|�sLtjj|�}
tjj|
�s	tj|
�nzt|d�}Wd	|j�X|j�rL|j|t�qLny0tj|||�tj|td
d��Wntk
r�nX|S(ss
    Calculate name of authorized keys file, optionally creating the
    directories and file, properly setting permissions.

    :param str user: name of user in passwd file
    :param bool write: if True, write changes to authorized_keys file (creating directories if needed)
    :param str path: if not None, use provided path rather than default of '~user/.ssh/authorized_keys'
    :param bool manage_dir: if True, create and set ownership of the parent dir of the authorized_keys file
    :param bool follow: if True symlinks will be followed and not replaced
    :return: full path string to authorized_keys for user
    tmsgsNEither user must exist or you must provide full path to key file in check modesFailed to lookup user %s: %ss.sshtauthorized_keyst0700itwNt0600(t
check_modetNonetostpathtrealpathtpwdtgetpwnamtKeyErrort	fail_jsonR	tpw_dirtjointdirnametpw_uidtpw_gidtexiststmkdirtinttselinux_enabledtset_default_selinux_contexttFalsetchowntchmodtmakedirstopentclosetOSError(tmoduletusertwriteR.t
manage_dirtfollowtkeysfilet
user_entrytethomedirtsshdirtuidtgidtbasedirtf((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pytkeyfile*sZ
$			
cC`s�t�}|r�tjd�}|j|�dd!}x[|D]P}d|krr|jdd�\}}|||<q;|dkr;d||<q;q;Wn|S(sa
    reads a string containing ssh-key options
    and returns a dictionary of those options
    s((?:[^,"']|"[^"]*"|'[^']*')+)ii����t=t,N(RtretcompiletsplitR,(REtoptionstoptions_dicttregextpartstpartRR((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pytparseoptionsrs	

cC`swddddddg}d}d}d}d}|jdd�}tj|�}g|_d	|_t|_t|�}	|	r�|	d
dkr�|ddd|fSxAtd
t	|	��D]*}
|	|
|kr�|
}|	|
}Pq�q�W|dkr�dS|d
krdj
|	| �}nt||�}|	|d
}t	|	�|d
krddj
|	|d�}n|||||fS(s�
    parses a key, which may or may not contain a list
    of ssh-key options at the beginning

    rank indicates the keys original ordering, so that
    it can be written out in the same order.
    sssh-ed25519secdsa-sha2-nistp256secdsa-sha2-nistp384secdsa-sha2-nistp521sssh-dsssssh-rsas\#t#titskippedt iiN(R,treplacetshlextquotest
commenterstTruetwhitespace_splitRtrangetlenR5R^(REtraw_keytranktVALID_SSH2_KEY_TYPESRYRtkey_typet
type_indextlext	key_partstitcomment((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pytparsekey�s@
				
cC`sBtjj|�sdSt|�}z|j�SWd|j�XdS(NR`(R-R.tisfileRBtreadRC(tfilenameRR((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pytreadfile�scC`sui}xht|jt��D]Q\}}t||d|�}|rT|||d<q|ddd|f||<qW|S(NRliRa(t	enumeratet
splitlinesRgRtR,(REtlinesRt
rank_indextlinetkey_data((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt	parsekeys�s"cC`s�tjddtjj|��\}}t|d�}y|j|�Wn3tk
r|}|jdd|t	|�f�nX|j
�|j||�dS(NR`ttmpR)R&sFailed to write to file %s: %s(ttempfiletmkstempR-R.R6RBRGtIOErrorR3R	RCtatomic_move(RERwtcontenttfdttmp_pathRRRL((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt	writefile�s'$
cC`sHg}|j�}t|dtd��}x|D]}y�|\}}}}}	d}
|r�g}xQ|j�D]C\}}
|
dkr�|jd|�qn|jd||
f�qnWdj|�}
|
d7}
n|s�|}n|dkr�|d	}nd
|
|||f}Wntk
r)|}nX|j|�q1Wdj|�S(NRiR`s%ss%s=%sRURbRais%s%s %s %s
(R"tsortedRRR,RR5t	Exception(RR{tnew_keystordered_new_keysRtkeyhashRnRYRsRlt
option_strtoption_stringst
option_keyRtkey_line((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt	serialize�s0

	


c!C`s�|d}|d}|jdd"�}|jdt�}|jdd�}|jdd"�}|jdt�}|jd	d"�}	|jd
t�}
d}|jd�r0yLt||�\}}
|
d
dkr�|jd||�n|j�}Wn%tk
r|jd||�nXt	|dd�}ng|j
�D]"}|r=|jd�r=|^q=}t}t|||||�|d<t|d�}t
||�}g}t|�}xt|�D]�\}}t||d|�}|s|jdd|�n|d"k	rFt||�}|d|d||d|df}n|	d"k	rz|d|d|d|	|df}nt}g}|d|kr�|d ||dd kr�|dkr�|j||d�q�t}n|dkr�|j|d�t|�dkrFx5|D]*}|d|kr||d=t}qqWn|s�||d}|d|d|d|d|f||d<t}q�q�|dkr�|s�q�n||d=t}q�q�W|dkr|rt|�j|�}x|D]}||=t}q�Wn|r�t||||||
�}t|�}d"} |jrzi|dd6|d6|d6|d6} | |d <n|jr�|jd!td | �nt|||�t|d!<n|jr�|jd!t�n|S(#s
    Add or remove key.
    RFRR.RHtstatetpresenttkey_optionst	exclusiveRsRIsError getting key from: %sthttpRi�R&terrorstsurrogate_or_strictR_RSRlsinvalid key specified: %siiiiitabsentt
before_headertafter_headertbeforetaftertdifftchangedN(tgetR,RgR>t
startswithRR3RvR�R	RzRSRxRRjRyRtR^Rt	frozensett
differenceR�t_diffR+t	exit_jsonR�(!REtparamsRFRR.RHR�R�R�RsRIt	error_msgtresptinfotsR�tdo_writetexisting_contentt
existing_keyst
keys_to_existtmax_rank_of_existing_keysR|tnew_keytparsed_new_keytparsed_optionstmatchedtnon_matching_keystnon_matching_keyt
total_rankt	to_removeRwtnew_contentR�((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt
enforce_states�


5(((	
-


	

	
	cC`stdtdtdddt�dtdddt�dtdd�dtdd	d
t�dtddd
dd
ddg�dtdd�dtdd	d
t�dtdd�dtdd	d
t�dtdd	d
t��
dt�}t||j�}|j|�dS(Nt
argument_specRFttypetstrtrequiredRR.RHtbooltdefaultR�R�tchoicesR�R�R�Rstvalidate_certsRItsupports_check_mode(R
tdictRgR>R�R�R�(REtresults((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pytmain�s!	t__main__('t
__future__RRRR�t
__metaclass__tANSIBLE_METADATAt
DOCUMENTATIONtEXAMPLEStRETURNR-R0tos.pathR�RVRdtoperatorRtansible.module_utils._textR	tansible.module_utils.basicR
tansible.module_utils.urlsRR�RR>R,RgRSR^RtRxRR�R�R�R�R#(((sI/usr/lib/python2.7/site-packages/ansible/modules/system/authorized_key.pyt<module>s:


P<5AH	>			
	#	�	

Anons79 File Manager Version 1.0, Coded By Anons79
Email: [email protected]