From 9d071bd293ac4ae49eeb1f1a9f11f6f29a46619f Mon Sep 17 00:00:00 2001
From: Nathan Carlson <carl4403@umn.edu>
Date: Fri, 20 Sep 2024 13:32:45 -0500
Subject: [PATCH] Provide password capacity parameter to set password command

---
 manifests/user.pp | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/manifests/user.pp b/manifests/user.pp
index 6d4a868..a65beb0 100644
--- a/manifests/user.pp
+++ b/manifests/user.pp
@@ -70,13 +70,24 @@
       notify  => [Exec["ipmi_user_enable_${title}"], Exec["ipmi_user_enable_sol_${title}"], Exec["ipmi_user_channel_setaccess_${title}"]],
     }
 
+    if $real_password.length > 20 {
+      fail('ipmi v2 restricts passwords to 20 or fewer characters')
+    }
+    # Password capacity parameter defaults to 16 if not provided
+    #  and will result in truncated passwords
+    if $real_password.length <= 16 {
+      $password_capacity = '16'
+    } else {
+      $password_capacity = '20'
+    }
+
     $unless_cmd = @("CMD"/L$)
       /usr/bin/ipmitool user test ${user_id} 16 "\$PASSWORD" || \
       /usr/bin/ipmitool user test ${user_id} 20 "\$PASSWORD"
       |- CMD
     exec { "ipmi_user_setpw_${title}":
       environment => ["PASSWORD=${real_password}"],
-      command     => "/usr/bin/ipmitool user set password ${user_id} \"\$PASSWORD\"",
+      command     => "/usr/bin/ipmitool user set password ${user_id} \"\$PASSWORD\" ${password_capacity}",
       unless      => $unless_cmd,
       notify      => Exec[
         "ipmi_user_enable_${title}",