salt.modules.shadow¶
Manage the shadow file
-
salt.modules.shadow.
default_hash
()¶ Returns the default hash used for unset passwords
CLI Example:
salt '*' shadow.default_hash
-
salt.modules.shadow.
info
(name)¶ Return information for the specified user
CLI Example:
salt '*' shadow.info root
-
salt.modules.shadow.
set_date
(name, date)¶ sets the value for the date the password was last changed to the epoch (January 1, 1970). See man chage.
CLI Example:
salt '*' shadow.set_date username 0
-
salt.modules.shadow.
set_inactdays
(name, inactdays)¶ Set the number of days of inactivity after a password has expired before the account is locked. See man chage.
CLI Example:
salt '*' shadow.set_inactdays username 7
-
salt.modules.shadow.
set_maxdays
(name, maxdays)¶ Set the maximum number of days during which a password is valid. See man chage.
CLI Example:
salt '*' shadow.set_maxdays username 90
-
salt.modules.shadow.
set_mindays
(name, mindays)¶ Set the minimum number of days between password changes. See man chage.
CLI Example:
salt '*' shadow.set_mindays username 7
-
salt.modules.shadow.
set_password
(name, password, use_usermod=False)¶ Set the password for a named user. The password must be a properly defined hash. The password hash can be generated with this command:
python -c "import crypt; print crypt.crypt('password', '\$6\$SALTsalt')"
SALTsalt
is the 8-character crpytographic salt. Valid characters in the salt are.
,/
, and any alphanumeric character.Keep in mind that the $6 represents a sha512 hash, if your OS is using a different hashing algorithm this needs to be changed accordingly
CLI Example:
salt '*' shadow.set_password root '$1$UYCIxa628.9qXjpQCjM4a..'
-
salt.modules.shadow.
set_warndays
(name, warndays)¶ Set the number of days of warning before a password change is required. See man chage.
CLI Example:
salt '*' shadow.set_warndays username 7