diff --git a/library/group b/library/group new file mode 100755 index 0000000000..4cfb5266e8 --- /dev/null +++ b/library/group @@ -0,0 +1,225 @@ +#!/usr/bin/env python + +# (c) 2012, Stephen Fromm +# +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +try: + import json +except ImportError: + import simplejson as json +import os +import grp +import shlex +import subprocess +import sys + +GROUPADD = "/usr/sbin/groupadd" +GROUPDEL = "/usr/sbin/groupdel" +GROUPMOD = "/usr/sbin/groupmod" +GPASSWD = "/usr/bin/gpasswd" + +def debug(msg): + # ansible ignores stderr, so it's safe to use for debug + print >>sys.stderr, msg + #pass + +def exit_json(rc=0, **kwargs): + if 'name' in kwargs: + debug("add group info to exit_json") + add_group_info(kwargs) + print json.dumps(kwargs) + sys.exit(rc) + +def fail_json(**kwargs): + kwargs['failed'] = True + exit_json(rc=1, **kwargs) + +def add_group_info(kwargs): + name = kwargs['name'] + if group_exists(name): + kwargs['state'] = 'present' + info = group_info(name) + kwargs['gid'] = info[2] + kwargs['members'] = info[3] + else: + kwargs['state'] = 'absent' + return kwargs + +def group_del(group): + cmd = [GROUPDEL, group] + debug("Arguments to groupdel: %s" % (" ".join(cmd))) + rc = subprocess.call(cmd, shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + if rc == 0: + return True + else: + return False + +def group_add(group, **kwargs): + cmd = [GROUPADD] + for key in kwargs: + if key == 'gid' and kwargs[key] is not None: + cmd.append('-g') + cmd.append(kwargs[key]) + cmd.append(group) + debug("Arguments to groupadd: %s" % (" ".join(cmd))) + rc = subprocess.call(cmd, shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + if rc == 0: + return True + else: + return False + +def group_mod(group, **kwargs): + cmd = [GROUPMOD] + info = group_info(group) + for key in kwargs: + if key == 'gid': + if kwargs[key] is not None and info[2] != int(kwargs[key]): + cmd.append('-g') + cmd.append(kwargs[key]) + if len(cmd) == 1: + return False + cmd.append(group) + debug("Arguments to groupmod: %s" % (" ".join(cmd))) + rc = subprocess.call(cmd, shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + if rc == 0: + return True + else: + return False + +def group_has_member(group, member): + if not group_exists(group): + return False + info = group_info(group) + if member in info[3]: + return True + else: + return False + +def group_add_member(group, member): + cmd = [GPASSWD, '-a', member, group] + debug("Arguments to gpasswd: %s" % (" ".join(cmd))) + rc = subprocess.call(cmd, shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + if rc == 0: + return True + else: + return False + +def group_del_member(group, member): + cmd = [GPASSWD, '-d', member, group] + debug("Arguments to gpasswd: %s" % (" ".join(cmd))) + rc = subprocess.call(cmd, shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + if rc == 0: + return True + else: + return False + +def group_exists(group): + try: + if grp.getgrnam(group): + return True + except KeyError: + return False + +def group_info(group): + if not group_exists(group): + return False + try: + info = list(grp.getgrnam(group)) + except KeyError: + return False + return info + +# =========================================== + +if not os.path.exists(GROUPADD): + if os.path.exists("/sbin/groupadd"): + GROUPADD = "/sbin/groupadd" + else: + fail_json(msg="Cannot find groupadd") +if not os.path.exists(GROUPDEL): + if os.path.exists("/sbin/groupdel"): + GROUPDEL = "/sbin/groupdel" + else: + fail_json(msg="Cannot find groupdel") +if not os.path.exists(GROUPMOD): + if os.path.exists("/sbin/groupmod"): + GROUPDEL = "/sbin/groupmod" + else: + fail_json(msg="Cannot find groupmod") +if not os.path.exists(GPASSWD): + if os.path.exists("/bin/gpasswd"): + GROUPDEL = "/bin/gpasswd" + else: + fail_json(msg="Cannot find gpasswd") + +if len(sys.argv) == 2 and os.path.exists(sys.argv[1]): + argfile = sys.argv[1] + args = open(argfile, 'r').read() +else: + args = ' '.join(sys.argv[1:]) +items = shlex.split(args) + +if not len(items): + fail_json(msg='the module requires arguments -a') + sys.exit(1) + +params = {} +for x in items: + (k, v) = x.split("=") + params[k] = v + +state = params.get('state','present') +name = params.get('name', None) +gid = params.get('gid', None) + +# =========================================== +# the following controls group membership +member = params.get('member', None) +memberstate = params.get('memberstate', 'present') + +if state not in [ 'present', 'absent' ]: + fail_json(msg='invalid state') +if memberstate not in [ 'present', 'absent' ]: + fail_json(msg='invalid memberstate') +if name is None: + fail_json(msg='name is required') + +changed = False +rc = 0 +if state == 'absent': + if group_exists(name): + changed = group_del(name) + exit_json(name=name, changed=changed) +elif state == 'present': + if not group_exists(name): + changed = group_add(name, gid=gid) + else: + changed = group_mod(name, gid=gid) + + if member is not None: + if memberstate == 'present': + if not group_has_member(name, member): + changed = group_add_member(name, member) + elif memberstate == 'absent': + if group_has_member(name, member): + changed = group_del_member(name, member) + else: + fail_json(name=name, msg='Unexpected position reached') + + exit_json(name=name, changed=changed) + +fail_json(name=name, msg='Unexpected position reached')