diff --git a/lib/ansible/runner/lookup_plugins/password.py b/lib/ansible/runner/lookup_plugins/password.py index a494b694f7..3949672de9 100644 --- a/lib/ansible/runner/lookup_plugins/password.py +++ b/lib/ansible/runner/lookup_plugins/password.py @@ -21,6 +21,8 @@ from ansible import utils, errors import os import errno from string import ascii_letters, digits +import string +import random class LookupModule(object): @@ -48,6 +50,7 @@ class LookupModule(object): paramvals = { 'length': LookupModule.LENGTH, 'encrypt': None, + 'chars': ['ascii_letters','digits',".,:-_"], } # get non-default parameters if specified @@ -57,6 +60,11 @@ class LookupModule(object): assert(name in paramvals) if name == 'length': paramvals[name] = int(value) + elif name == 'chars': + use_chars=[] + if ",," in value: use_chars.append(',') + use_chars.extend(value.replace(',,',',').split(',')) + paramvals['chars'] = use_chars else: paramvals[name] = value except (ValueError, AssertionError) as e: @@ -64,6 +72,7 @@ class LookupModule(object): length = paramvals['length'] encrypt = paramvals['encrypt'] + use_chars = paramvals['chars'] # get password or create it if file doesn't exist path = utils.path_dwim(self.basedir, relpath) @@ -71,8 +80,13 @@ class LookupModule(object): pathdir = os.path.dirname(path) if not os.path.isdir(pathdir): os.makedirs(pathdir) + """ chars = ascii_letters + digits + ".,:-_" password = utils.random_password(length) + """ + chars = "".join([getattr(string,c,c) for c in use_chars]).replace('"','').replace("'",'') + password = ''.join(random.choice(chars) for _ in range(length)) + if encrypt is not None: salt = self.random_salt() content = '%s salt=%s' % (password, salt)