??????????????
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 173
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 174
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 175
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 176
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 177
Warning: Cannot modify header information - headers already sent by (output started at /home/mybf1/public_html/mentol.bf1.my/SS1.php:4) in /home/mybf1/public_html/mentol.bf1.my/SS1.php on line 178
�ó
àUdac������������@`��se���d��d��l��m��Z��m��Z��m��Z���e��Z��d��Z��d��Z��d��Z��d��d��l �Z �d��d��l
�Z
�d��d��l��Z��d��d��l��Z��d��d��l
�Z
�d��d��l��m��Z��m��Z���d��d��l��m��Z��m��Z��m��Z���d��d��l��m��Z���d��d �l��m��Z���d��d
�l��m��Z��m��Z��m��Z���d��d��l��m��Z���d��Z��e �d��ƒ��Z!�d��„��Z"�d��„��Z#�d��„��Z$�d��„��Z%�d��d��„��Z'�d��„��Z(�d��„��Z)�d��„��Z*�d��e��f��d��„��ƒ��YZ+�d��S(����i����(����t����absolute_importt����divisiont����print_functions®���
lookup: password
version_added: "1.1"
author:
- Daniel Hokka Zakrisson
- Javier Candeira
- Maykel Moya
short_description: retrieve or generate a random password, stored in a file
description:
- Generates a random plaintext password and stores it in a file at a given filepath.
- If the file exists previously, it will retrieve its contents, behaving just like with_file.
- 'Usage of variables like C("{{ inventory_hostname }}") in the filepath can be used to set up random passwords per host,
which simplifies password management in C("host_vars") variables.'
- A special case is using /dev/null as a path. The password lookup will generate a new random password each time,
but will not write it to /dev/null. This can be used when you need a password without storing it on the controller.
options:
_terms:
description:
- path to the file that stores/will store the passwords
required: True
encrypt:
description:
- Which hash scheme to encrypt the returning password, should be one hash scheme from C(passlib.hash).
- If not provided, the password will be returned in plain text.
- Note that the password is always stored as plain text, only the returning password is encrypted.
- Encrypt also forces saving the salt value for idempotence.
- Note that before 2.6 this option was incorrectly labeled as a boolean for a long time.
chars:
version_added: "1.4"
description:
- Define comma separated list of names that compose a custom character set in the generated passwords.
- 'By default generated passwords contain a random mix of upper and lowercase ASCII letters, the numbers 0-9 and punctuation (". , : - _").'
- "They can be either parts of Python's string module attributes (ascii_letters,digits, etc) or are used literally ( :, -)."
- "To enter comma use two commas ',,' somewhere - preferably at the end. Quotes and double quotes are not supported."
type: string
length:
description: The length of the generated password.
default: 20
type: integer
notes:
- A great alternative to the password lookup plugin,
if you don't need to generate random passwords on a per-host basis,
would be to use Vault in playbooks.
Read the documentation there and consider using it first,
it will be more desirable for most applications.
- If the file already exists, no data will be written to it.
If the file has contents, those contents will be read in as the password.
Empty files cause the password to return as an empty string.
- 'As all lookups, this runs on the Ansible host as the user running the playbook, and "become" does not apply,
the target file must be readable by the playbook user, or, if it does not exist,
the playbook user must have sufficient privileges to create it.
(So, for example, attempts to write into areas such as /etc will fail unless the entire playbook is being run as root).'
s%���
- name: create a mysql user with a random password
mysql_user:
name: "{{ client }}"
password: "{{ lookup('password', 'credentials/' + client + '/' + tier + '/' + role + '/mysqlpassword length=15') }}"
priv: "{{ client }}_{{ tier }}_{{ role }}.*:ALL"
- name: create a mysql user with a random password using only ascii letters
mysql_user:
name: "{{ client }}"
password: "{{ lookup('password', '/tmp/passwordfile chars=ascii_letters') }}"
priv: '{{ client }}_{{ tier }}_{{ role }}.*:ALL'
- name: create a mysql user with an 8 character random password using only digits
mysql_user:
name: "{{ client }}"
password: "{{ lookup('password', '/tmp/passwordfile length=8 chars=digits') }}"
priv: "{{ client }}_{{ tier }}_{{ role }}.*:ALL"
- name: create a mysql user with a random password using many different char sets
mysql_user:
name: "{{ client }}"
password: "{{ lookup('password', '/tmp/passwordfile chars=ascii_letters,digits,hexdigits,punctuation') }}"
priv: "{{ client }}_{{ tier }}_{{ role }}.*:ALL"
s'���
_raw:
description:
- a password
N(����t����AnsibleErrort����AnsibleAssertionError(����t����to_bytest ���to_nativet����to_text(����t����parse_kv(����t
���LookupBase(����t
���do_encryptt����random_passwordt����random_salt(����t
���makedirs_safei����t����lengtht����encryptt����charsc������������C`��s¬���|��j��d��d��ƒ��}��t��|��ƒ��d��k��r6�|��}��t��ƒ��}��ng�|��d���}��t��|��d���ƒ��}��d��|��k��r�d��j��|��|��d���f��ƒ��}��|��d��=|��j��|��ƒ��s�t��d��ƒ��‚��q�n��t��|��j��ƒ��ƒ��j �t
�ƒ��}��|��rÚ�t��d��d��j��|��ƒ���ƒ��‚��n��t��|��j��d �t
�ƒ��ƒ��|��d �<|��j��d
�d��ƒ��|��d
�<|��j��d��d��ƒ��|��d��<|��d���r�g��}��d��|��d���k��rR�|��j��d
�ƒ���n��|��j��d��„��|��d���j��d��d
�ƒ��j��d
�ƒ��Dƒ��ƒ���|��|��d��š���s������u
���ascii_lettersu����digitsu����.,:-_N(����t����splitt����lent����dictR����t����joint
���startswithR����t ���frozensett����keyst
���differencet����VALID_PARAMSt����intt����gett����DEFAULT_LENGTHt����Nonet����appendt����extendt����replace(����t����termt����first_splitt����relpatht����paramst����invalid_paramst ���tmp_chars(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt����_parse_parametersq���s2�������������
�������������������������
�������0�
���c������������C`��s[���d��}��t��j��j��|��ƒ��rW�t��|��d��ƒ����}��|��j��ƒ��j��ƒ��}��Wd��QXt��|��d��d��ƒ��}��n��|��S(����sù���Read the contents of a password file and return it
:arg b_path: A byte string containing the path to the password file
:returns: a text string containing the contents of the password file or
None if no password file was present.
t����rbNt����errorst����surrogate_or_strict(����R!���t����ost����patht����existst����opent����readt����rstripR����(����t����b_patht����contentt����ft ���b_content(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt����_read_password_file£���s����������������c������������C`��sm���g��}��x9�|��D]1�}��|��j��t��t��t��t��|��ƒ��|��ƒ��d��d��ƒ��ƒ���q
�Wd��j��|��ƒ��j��d��d��ƒ��j��d��d��ƒ��}��|��S(����sh���Generate a string containing all valid chars as defined by ``characters``
:arg characters: A list of character specs. The character specs are
shorthand names for sets of characters like 'digits', 'ascii_letters',
or 'punctuation' or a string to be included verbatim.
The values of each char spec can be:
* a name of an attribute in the 'strings' module ('digits' for example).
The value of the attribute will be added to the candidate chars.
* a string of characters. If the string isn't an attribute in 'string'
module, the string will be directly added to the candidate chars.
For example::
characters=['digits', '?|']``
will match ``string.digits`` and add all ascii digits. ``'?|'`` will add
the question mark and pipe characters directly. Return will be the string::
u'0123456789?|'
R-���t����strictu����u����"u����'(����R"���R����t����getattrt����stringR����R����R$���(����t
���charactersR����t
���chars_spec(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt����_gen_candidate_chars³���s��������
�!���'�c������������C`��sa���|��}��d��}��d��}��y��|��j��|��ƒ��}��Wn���t��k
�r8����n��X|��|��t��|��ƒ����}��|��|�� }��|��|��f��S(����s‰���parse our password data format into password and salt
:arg content: The data read from the file
:returns: password and salt
u���� salt=N(����R!���t����rindext
���ValueErrorR����(����R6���t����passwordt����saltt ���salt_slugt����sep(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt����_parse_content���s����������������
�����
�c������������C`��s5���|���r��|���r��|��S|��s'�t��d��ƒ��‚��n��d��|��|��f���S(����sJ���Format the password and salt for saving
:arg password: the plaintext password to save
:arg salt: the salt to use when encrypting a password
:arg encrypt: Which method the user requests that this password is encrypted.
Note that the password is saved in clear. Encrypt just tells us if we
must save the salt value for idempotence. Defaults to None.
:returns: a text string containing the formatted information
.. warning:: Passwords are saved in clear. This is because the playbooks
expect to get cleartext passwords from this lookup.
sF���_format_content was called with encryption requested but no salt valueu
���%s salt=%s(����R����(����RB���RC���R����(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt����_format_content��s
�������������c������������C`��sq���t��j��j��|��ƒ��}��t��|��d��d��ƒ���t��|��d��ƒ��:�}��t��j��|��d��ƒ���t��|��d��d��ƒ��d���}��|��j��|��ƒ���Wd��QXd��S(����Nt����modeiÀ���t����wbi€���R-���R.���s����
(����R/���R0���t����dirnameR
���R2���t����chmodR����t����write(����R5���R6���t ���b_pathdirR7���R8���(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt����_write_password_file����s����������������c������������C`��sL���t��}��t��j��j��|��ƒ��}��t��d��t��j��|��ƒ��j��ƒ���ƒ��}��t��j��j��|��|��ƒ��}��t��j��j �|��ƒ���râ�|��t��d��ƒ��k��râ�yC�t
�|��d��d��ƒ���t��j��|��t��j��t��j
�Bƒ��}��t��j��|��ƒ���t��}��Wqâ��t��k
�rÞ��}���|��j��d��k��rß�‚��qß�qâ�Xn��d��}��xW�t��j��j �|��ƒ��rA�|���rA�t��j��d��|���ƒ���|��d��k��r4�t��d��|���ƒ��‚��n��|��d �7}��që�W|��|��f��S(
���s'���Get the lock for writing password file.s����%s.ansible_lockfiles ���/dev/nullRH���iÀ���s����File existsi����i����s¦���Password lookup cannot get the lock in 7 seconds, abort...This may caused by un-removed lockfileyou can manually remove it from controller machine at %s and try againi����(����t����FalseR/���R0���RJ���R����t����hashlibt����sha1t ���hexdigestR����R1���R
���R2���t����O_CREATt����O_EXCLt����closet����Truet����OSErrort����strerrort����timet����sleepR����(����R5���t
���first_processRM���t
���lockfile_namet����lockfilet����fdt����et����counter(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt ���_get_lock
���s*�������������%�������
�
�����
�����������
���c������������C`��s&���t��j��j��|��ƒ��r"�t��j��|��ƒ���n��d��S(����s?���Release the lock so other processes can read the password file.N(����R/���R0���R1���t����remove(����R]���(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt
���_release_lock&���s��������t����LookupModulec������������B`��s����e��Z��d��„��Z��RS(����c��������
���K`��sŽ���g��}��x�|��D]y�}��t��|��ƒ��\��}��}��|��j��j��|��ƒ��}��t��|��d��d��ƒ��} �t��|��d���ƒ��}
�d��}��t��| �ƒ��\��}��}
�t��| �ƒ��}��|��d��k��s›�| �t��d��ƒ��k��r½�t��|��d���|
�ƒ��}��d��}��t �}��n��t
�|��ƒ��\��}��}��|��d���rò�|���rò�t �}��t��ƒ��}��n��|��r3�| �t��d��ƒ��k��r3�t��|��|��d��|��d���ƒ��}��t
�| �|��ƒ���n��|��rF�t��|
�ƒ���n��|��d���ry�t��|��|��d���d��|��ƒ��}��|��j��|��ƒ���q
�|��j��|��ƒ���q
�W|��S(����NR-���R.���R����s ���/dev/nullR����R����RC���(����R+���t����_loadert ���path_dwimR����R?���R!���Ra���R9���R����RV���RF���R����RG���RN���Rc���R
���R"���(����t����selft����termst ���variablest����kwargst����retR%���R'���R(���R0���R5���R����t����changedR[���R]���R6���t����plaintext_passwordRC���RB���(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt����run-���s6�������
��������������������� �����������������
�
�������(����t����__name__t
���__module__Rn���(����(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyRd���,���s������(����s����lengths����encrypts����chars(,���t
���__future__R����R����R����t����typet
���__metaclass__t
���DOCUMENTATIONt����EXAMPLESt����RETURNR/���R<���RY���t����shutilRP���t����ansible.errorsR����R����t����ansible.module_utils._textR����R����R����t����ansible.parsing.splitterR����t����ansible.plugins.lookupR ���t����ansible.utils.encryptR
���R����R����t����ansible.utils.pathR
���R ���R����R����R+���R9���R?���RF���R!���RG���RN���Ra���Rc���Rd���(����(����(����sC���/usr/lib/python2.7/site-packages/ansible/plugins/lookup/password.pyt��������s4������6�������������������������������� 2 � ! ���
� �