changing a password with ansible

Hello,

I am trying to change a password with ansible but it doesn’t work. I don’t see why it is not working. Do you see what is going wrong? see screenshot or cli below


[pipo@install-me ~]$ ansible all -i localhost, -m debug -a “msg={{ ‘Een.voorbeeld.passwoord’ | password_hash(‘sha512’) }}”
localhost | SUCCESS => {
“msg”: “$6$sTmb9Vaxxd9fOGyC$AueAkwgO1M.qnKtKrtAFuPN5iTt0h.Dl1DcLSx9a/fqGTpltbuWAB3ZO.wsQOJTH95l3DIz/blpKFDezAzXhL.”
}
[pipo@install-me ~]$ ansible localhost -m user -a “name=jopy update_password=always password={{ ‘$6$sTmb9Vaxxd9fOGyC$AueAkwgO1M.qnKtKrtAFuPN5iTt0h.Dl1DcLSx9a/fqGTpltbuWAB3ZO.wsQOJTH95l3DIz/blpKFDezAzXhL.’ | password_hash(‘sha512’) }}” -u root
localhost | CHANGED => {
“ansible_facts”: {
“discovered_interpreter_python”: “/usr/bin/python”
},
“append”: false,
“changed”: true,
“comment”: “”,
“group”: 1004,
“home”: “/home/jopy”,
“move_home”: false,
“name”: “jopy”,
“password”: “NOT_LOGGING_PASSWORD”,
“shell”: “/bin/bash”,
“state”: “present”,
“uid”: 1004
}
[pipo@install-me ~]$ su - jopy
Password:
su: Authentication failure
[pipo@install-me ~]$ exit
logout
[root@install-me ~]# passwd jopy
Changing password for user jopy.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@install-me ~]# su - pipo
Last login: Fre Jun 11 20:40:54 CEST 2021 on pts/0
[pipo@install-me ~]$ su - jopy
Password:
Last login: Fri Jun 11 20:42:32 CEST 2021 from localhost on pts/1
Last failed login: Fri Jun 11 20:48:35 CEST 2021 on pts/0
There were 3 failed login attempts since the last successful login.
[jopy@install-me ~]$ ansible --version
ansible 2.9.21
config file = /etc/ansible/ansible.cfg
configured module search path = [u’/home/jopy/.ansible/plugins/modules’, u’/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
[jopy@install-me ~]$ cat /etc/*release
CentOS Linux release 7.9.2009 (Core)
NAME=“CentOS Linux”
VERSION=“7 (Core)”
ID=“centos”
ID_LIKE=“rhel fedora”
VERSION_ID=“7”
PRETTY_NAME=“CentOS Linux 7 (Core)”
ANSI_COLOR=“0;31”
CPE_NAME=“cpe:/o:centos:centos:7”
HOME_URL=“https://www.centos.org/
BUG_REPORT_URL=“https://bugs.centos.org/

CENTOS_MANTISBT_PROJECT=“CentOS-7”
CENTOS_MANTISBT_PROJECT_VERSION=“7”
REDHAT_SUPPORT_PRODUCT=“centos”
REDHAT_SUPPORT_PRODUCT_VERSION=“7”

CentOS Linux release 7.9.2009 (Core)
CentOS Linux release 7.9.2009 (Core)
[jopy@install-me ~]$ uname -a
Linux install-me 3.10.0-1160.6.1.el7.x86_64 #1 SMP Tue Nov 17 13:59:11 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[jopy@install-me ~]$

Thanks ahead

For the record,
I tried this as well on Debian 10 buster (ansible 2.7) and with the ansible from the backports repository (ansible 2.9)

Maybe I am reading this wrong, but I think that by you putting the password hash inside {{ }}, that ansible may be interpreting it as a variable. I would have to poke and see if that is the actual case or not.

–John

(attachments)