[stable-2.9] user - fix shadow file parsing on AIX (#62547)

Initialize variables in case the shadow file is not found. Handle IndexErrors if something goes wrong with file parsing. (cherry picked from commit e9d10f94b7) Co-authored-by: Sam Doran <sdoran@redhat.com>
author: Sam Doran <sdoran@redhat.com> 2019-10-14 15:44:22 -0400
committer: Toshio Kuratomi <a.badger@gmail.com> 2019-10-14 17:00:50 -0700
commit: 2762eb64ac5369e8202b96cab415aad1bb302327 (patch)
tree: 9176389a0296427c0c77f31db4e8dd8c8ac7d21c
parent: 715ff9d2c1d96426a3db84b8b369e75f39cf0057 (diff)
download: ansible-2762eb64ac5369e8202b96cab415aad1bb302327.tar.gz
2 files changed, 20 insertions, 16 deletions
diff --git a/changelogs/fragments/user-aix-shadow-unbound-local.yaml b/changelogs/fragments/user-aix-shadow-unbound-local.yaml
new file mode 100644
index 0000000000..f1283dc6ea
--- /dev/null
+++ b/changelogs/fragments/user-aix-shadow-unbound-local.yaml
@@ -0,0 +1,2 @@
+bugfixes:
+  - user - fix stack trace on AIX when attempting to parse shadow file that does not exist (https://github.com/ansible/ansible/issues/62510)
diff --git a/lib/ansible/modules/system/user.py b/lib/ansible/modules/system/user.py
index 9cf9947281..00dec5f897 100644
--- a/lib/ansible/modules/system/user.py
+++ b/lib/ansible/modules/system/user.py
@@ -2501,29 +2501,31 @@ class AIX(User):
         """
 
         b_name = to_bytes(self.name)
+        b_passwd = b''
+        b_expires = b''
         if os.path.exists(self.SHADOWFILE) and os.access(self.SHADOWFILE, os.R_OK):
             with open(self.SHADOWFILE, 'rb') as bf:
                 b_lines = bf.readlines()
 
             b_passwd_line = b''
             b_expires_line = b''
-            for index, b_line in enumerate(b_lines):
-                # Get password and lastupdate lines which come after the username
-                if b_line.startswith(b'%s:' % b_name):
-                    b_passwd_line = b_lines[index + 1]
-                    b_expires_line = b_lines[index + 2]
-                    break
-
-            # Sanity check the lines because sometimes both are not present
-            if b' = ' in b_passwd_line:
-                b_passwd = b_passwd_line.split(b' = ', 1)[-1].strip()
-            else:
-                b_passwd = b''
+            try:
+                for index, b_line in enumerate(b_lines):
+                    # Get password and lastupdate lines which come after the username
+                    if b_line.startswith(b'%s:' % b_name):
+                        b_passwd_line = b_lines[index + 1]
+                        b_expires_line = b_lines[index + 2]
+                        break
 
-            if b' = ' in b_expires_line:
-                b_expires = b_expires_line.split(b' = ', 1)[-1].strip()
-            else:
-                b_expires = b''
+                # Sanity check the lines because sometimes both are not present
+                if b' = ' in b_passwd_line:
+                    b_passwd = b_passwd_line.split(b' = ', 1)[-1].strip()
+
+                if b' = ' in b_expires_line:
+                    b_expires = b_expires_line.split(b' = ', 1)[-1].strip()
+
+            except IndexError:
+                self.module.fail_json(msg='Failed to parse shadow file %s' % self.SHADOWFILE)
 
         passwd = to_native(b_passwd)
         expires = to_native(b_expires) or -1
author	Sam Doran <sdoran@redhat.com>	2019-10-14 15:44:22 -0400
committer	Toshio Kuratomi <a.badger@gmail.com>	2019-10-14 17:00:50 -0700
commit	2762eb64ac5369e8202b96cab415aad1bb302327 (patch)
tree	9176389a0296427c0c77f31db4e8dd8c8ac7d21c
parent	715ff9d2c1d96426a3db84b8b369e75f39cf0057 (diff)
download	ansible-2762eb64ac5369e8202b96cab415aad1bb302327.tar.gz