File: //opt/saltstack/salt/lib/python3.10/site-packages/salt/states/__pycache__/nxos.cpython-310.pyc
o
�����N�gm)�����������������������@���sN���d�Z�d�d�l�Z�d�d���Z� � � � � �d�d�d���Z�d d
��Z�d�d���Z�d
d���Z�d�d�d���Z�d�S�)�z�
State module for Cisco NX-OS Switch Proxy and Native minions
.. versionadded:: 2016.11.0
For documentation on setting up the nxos proxy minion look in the documentation
for :mod:`salt.proxy.nxos<salt.proxy.nxos>`.
�����Nc��������������������C���s����d�t�v�r�d�S�d�S�)�N�
nxos.get_userT)�Fz�nxos module could not be loaded)���__salt__��r����r�����D/opt/saltstack/salt/lib/python3.10/site-packages/salt/states/nxos.py��__virtual__
���s����������r����F��sha256c��������������������C���sZ���|�d�i�d�d���}�d�}�|�d�u�r�t�d���|�|�|�d�����}�d�}�|�d�u�r+t�d���|���} t�|���t�| ��k�}�t�d���|���}
t�|�|�|
��g���sCd |�d
<�d�|�d�<�|�S�|�d u�rWt�| ��t�|�����}�t�|���t�| ����}�t�d
��d u�r�d�|�d
<�|
s�d�|�d�<�|�d�u�rqd |�d���d�<�|�d�u�r~|�g�d���|�d���d�<�|�S�|�d u�r�d�|�d�<�d |�d���d�<�|�d u�r�d�|�d�<�t�|���t�|���d���|�d���d�<�|�S�|�d u�r�t�d���|�|�|�|�r�|�d���n�d�|�|�d���}
|
|
d���|�d���d�<�|�d u�r�|�D�] }�t�d���|�|�����q�|�D�] }�t�d���|�|�����q�t�d���|���| d���|�d���d�<�d }�|�d�u�r�t�d���|�|�|�d���}�d }�|�d�u���r�t�d���|���} t�|���t�| ��k�}�|���s�d�|�d�<�|�S�|���s#d�|�d�<�|�S�d�|�d�<�d |�d
<�|�S�)�a����
Ensure a user is present with the specified groups
name
Name of user
password
Encrypted or Plain Text password for user
roles
List of roles the user should be assigned. Any roles not in this list will be removed
encrypted
Whether the password is encrypted already or not. Defaults to False
crypt_salt
Salt to use when encrypting the password. Default is None (salt is
randomly generated for unhashed passwords)
algorithm
Algorithm to use for hashing password. Defaults to sha256.
Accepts md5, blowfish, sha256, sha512
.. note: sha512 may make the hash too long to save in NX OS which limits the has to 64 characters
Examples:
.. code-block:: yaml
create:
nxos.user_present:
- name: daniel
- roles:
- vdc-admin
set_password:
nxos.user_present:
- name: daniel
- password: admin
- roles:
- network-admin
update:
nxos.user_present:
- name: daniel
- password: AiN9jaoP
- roles:
- network-admin
- vdc-admin
F������name��result��changes��commentNz�nxos.check_password)�� encryptedz�nxos.get_rolesr����Tr����z�User already existsr
�����testz�User will be createdr������password)���add��remove��rolez�User will be updated��rolesz�nxos.set_passwordr����)�r����r�����
crypt_salt� algorithm)���new��oldz
nxos.set_rolez�nxos.unset_rolez�Failed to set correct rolesz�Failed to set correct passwordz�User set correctly)�r������set��any��__opts__��list)�r
���r����r����r����r����r������retZ�change_passwordZ�change_rolesZ cur_roles��old_userZ�remove_rolesZ add_rolesZ�new_userr����Z�correct_passwordZ
correct_rolesr����r����r������user_present����s�����;��������������������������������������������������������������������������������������������� ��������������
�����������������
�����������������������r����c��������������������C���s����|�d�i�d�d���}�t�d���|���}�|�s�d�|�d�<�d�|�d�<�|�S�t�d ��d�u�r7|�r7d
|�d�<�d�|�d�<�|�|�d���d
<�d�|�d���d�<�|�S�t�d���|�����t�d���|���rId�|�d�<�|�S�d�|�d�<�d�|�d�<�|�|�d���d
<�d�|�d���d�<�|�S�)�z�
Ensure a user is not present
name
username to remove if it exists
Examples:
.. code-block:: yaml
delete:
nxos.user_absent:
- name: daniel
Fr����r ���r����Tr����z�User does not existr
���r����Nz�User will be removedr����r����r����z�nxos.remove_userz�Failed to remove userz�User removed��r����r����)�r
���r����r����r����r����r������user_absent����s*���������������������������������������������r!���c��������������������C���s����|�d�i�d�d���}�t�d���|���}�|�r�d�|�d�<�d�|�d�<�|�S�t�d ��d�u�r/d
|�d�<�d�|�d�<�|�|�d���d
<�|�S�t�d���|�����t�d���|���}�|�rMd�|�d�<�d�|�d�<�|�|�d���d
<�|�S�d�|�d�<�d�|�d�<�|�S�)�at���
Ensure a specific configuration line exists in the running config
name
config line to set
Examples:
.. code-block:: yaml
add snmp group:
nxos.config_present:
- names:
- snmp-server community randoSNMPstringHERE group network-operator
- snmp-server community AnotherRandomSNMPSTring group network-admin
add snmp acl:
nxos.config_present:
- names:
- snmp-server community randoSNMPstringHERE use-acl snmp-acl-ro
- snmp-server community AnotherRandomSNMPSTring use-acl snmp-acl-rw
Fr����r ���� nxos.findTr����z�Config is already setr
���r����Nz�Config will be addedr����r����z�nxos.configz�Successfully added configz�Failed to add configr �����r
���r������matchesr����r����r������config_present����s*������������������������
��������������������r%���c��������������������C���s����|�d�i�d�d���}�t�d���|���}�|�s�d�|�d�<�d�|�d�<�|�S�t�d ��d�u�r/d
|�d�<�d�|�d�<�|�|�d���d
<�|�S�t�d���|�����t�d���|���}�|�sMd�|�d�<�d�|�d�<�|�|�d���d
<�|�S�d�|�d�<�d�|�d�<�|�S�)�a����
Ensure a specific configuration line does not exist in the running config
name
config line to remove
Examples:
.. code-block:: yaml
add snmp group:
nxos.config_absent:
- names:
- snmp-server community randoSNMPstringHERE group network-operator
- snmp-server community AnotherRandomSNMPSTring group network-admin
.. note::
For certain cases extra lines could be removed based on dependencies.
In this example, included after the example for config_present, the
ACLs would be removed because they depend on the existence of the
group.
Fr����r ���r"���Tr����z�Config is already absentr
���r����Nz�Config will be removedr����r����z�nxos.delete_configz�Successfully deleted configz�Failed to delete configr ���r#���r����r����r�����
config_absent����s*������������������������
��������������������r&���c������������������������s������d�i�d�d���}�|�d�u�r�d�����d���}�n���}�t�d���|���}�|�s&d�|�d�<�d |�d
<�|�S�t�d���d�u�rJd�|�d�<�d
|�d
<�|�|�d���d�<�����f�d�d���|�D���|�d���d�<�|�S�t�d�������|�d���|�d�<�t�d���|���}�|�rkd�|�d�<�d�����d���|�d
<�|�S�d�|�d�<�d���������|�d
<�|�S�)�aU���
Replace all instances of a string or full line in the running config
name
String to replace
repl
The replacement text
full_match
Whether `name` will match the full line or only a subset of the line.
Defaults to False. When False, .* is added around `name` for matching
in the `show run` config.
Examples:
.. code-block:: yaml
replace snmp string:
nxos.replace:
- name: randoSNMPstringHERE
- repl: NEWrandoSNMPstringHERE
replace full snmp string:
nxos.replace:
- name: ^snmp-server community randoSNMPstringHERE group network-operator$
- repl: snmp-server community NEWrandoSNMPstringHERE group network-operator
- full_match: True
.. note::
The first example will replace the SNMP string on both the group and
the ACL, so you will not lose the ACL setting. Because the second is
an exact match of the line, when the group is removed, the ACL is
removed, but not readded, because it was not matched.
Fr����r ���z�^.*z�.*$r"���Tr����z�Nothing found to replacer
���r����Nz�Configs will be changedr����r����c������������������������s����g�|�] }�t�������|�����q�S�r����)���re��sub)���.0��match��r
�����replr����r�����
<listcomp>r���s������z�replace.<locals>.<listcomp>r����z�nxos.replace)��
full_matchz$Failed to replace all instances of "��"z5Successfully replaced all instances of "{}" with "{}")�r����r������format)�r
���r,���r.���r������searchr$���r����r+���r������replace;���s4����%��������������������������������������������������r2���)�NNFNr����)�F)���__doc__r'���r����r����r!���r%���r&���r2���r����r����r����r������<module>����s������� ������������
�����,�2�3