ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Code Releases Activity

Vault: Remove tmp decrypted file when experiencing error while writing (#14835)

Browse source 
* Vault edit: Erase tmp file if error while writing to it

* Close the FDs returned by mkstemp()
This commit is contained in:
Hugo Chargois 2017-03-27 22:52:18 +02:00 committed by Brian Coca
parent 8e0c11ebc4
commit 1bc5527c69
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/ansible/parsing/vault/__init__.py
View file

@ -372,13 +372,14 @@ class VaultEditor:
def _edit_file_helper(self, filename, existing_data=None, force_save=False): def _edit_file_helper(self, filename, existing_data=None, force_save=False):
# Create a tempfile # Create a tempfile
_, tmp_path = tempfile.mkstemp() fd, tmp_path = tempfile.mkstemp()
os.close(fd)
try:
if existing_data: if existing_data:
self.write_data(existing_data, tmp_path, shred=False) self.write_data(existing_data, tmp_path, shred=False)
# drop the user into an editor on the tmp file # drop the user into an editor on the tmp file
try:
call(self._editor_shell_command(tmp_path)) call(self._editor_shell_command(tmp_path))
except: except:
# whatever happens, destroy the decrypted file # whatever happens, destroy the decrypted file