1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

pamd - fixed bug (#1538)

* Fixed bug

- The module was searching back (and forward, in the ``after`` state) for lines that were not comments, assuming it would be a valid rule or an include.

* remove the line, make yamllint happy

* Update changelogs/fragments/1394-pamd-removing-comments.yaml

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
Alexei Znamensky 2021-01-03 23:38:04 +13:00 committed by GitHub
parent bed1dc479f
commit 325a19d88a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 15 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- pamd - added logic to retain the comment line (https://github.com/ansible-collections/community.general/issues/1394).

View file

@ -287,7 +287,7 @@ class PamdLine(object):
@property @property
def is_valid(self): def is_valid(self):
if self.line == '': if self.line.strip() == '':
return True return True
return False return False
@ -304,6 +304,10 @@ class PamdLine(object):
return str(self.line) return str(self.line)
class PamdEmptyLine(PamdLine):
pass
class PamdComment(PamdLine): class PamdComment(PamdLine):
def __init__(self, line): def __init__(self, line):
@ -445,8 +449,8 @@ class PamdService(object):
pamd_line = PamdComment(line) pamd_line = PamdComment(line)
elif line.lstrip().startswith('@include'): elif line.lstrip().startswith('@include'):
pamd_line = PamdInclude(line) pamd_line = PamdInclude(line)
elif line == '': elif line.strip() == '':
pamd_line = PamdLine(line) pamd_line = PamdEmptyLine(line)
else: else:
pamd_line = PamdRule.rule_from_string(line) pamd_line = PamdRule.rule_from_string(line)
@ -545,7 +549,7 @@ class PamdService(object):
# Next we may have to loop backwards if the previous line is a comment. If it # Next we may have to loop backwards if the previous line is a comment. If it
# is, we'll get the previous "rule's" previous. # is, we'll get the previous "rule's" previous.
while previous_rule is not None and isinstance(previous_rule, PamdComment): while previous_rule is not None and isinstance(previous_rule, (PamdComment, PamdEmptyLine)):
previous_rule = previous_rule.prev previous_rule = previous_rule.prev
# Next we'll see if the previous rule matches what we are trying to insert. # Next we'll see if the previous rule matches what we are trying to insert.
if previous_rule is not None and not previous_rule.matches(new_type, new_control, new_path): if previous_rule is not None and not previous_rule.matches(new_type, new_control, new_path):
@ -589,7 +593,7 @@ class PamdService(object):
next_rule = current_rule.next next_rule = current_rule.next
# Next we may have to loop forwards if the next line is a comment. If it # Next we may have to loop forwards if the next line is a comment. If it
# is, we'll get the next "rule's" next. # is, we'll get the next "rule's" next.
while next_rule is not None and isinstance(next_rule, PamdComment): while next_rule is not None and isinstance(next_rule, (PamdComment, PamdEmptyLine)):
next_rule = next_rule.next next_rule = next_rule.next
# First we create a new rule # First we create a new rule
@ -780,13 +784,8 @@ def main():
required_if=[ required_if=[
("state", "args_present", ["module_arguments"]), ("state", "args_present", ["module_arguments"]),
("state", "args_absent", ["module_arguments"]), ("state", "args_absent", ["module_arguments"]),
("state", "before", ["new_control"]), ("state", "before", ["new_control", "new_type", "new_module_path"]),
("state", "before", ["new_type"]), ("state", "after", ["new_control", "new_type", "new_module_path"]),
("state", "before", ["new_module_path"]),
("state", "after", ["new_control"]),
("state", "after", ["new_type"]),
("state", "after", ["new_module_path"]),
], ],
) )
content = str() content = str()
@ -798,9 +797,7 @@ def main():
content = service_file_obj.read() content = service_file_obj.read()
except IOError as e: except IOError as e:
# If unable to read the file, fail out # If unable to read the file, fail out
module.fail_json(msg='Unable to open/read PAM module \ module.fail_json(msg='Unable to open/read PAM module file %s with error %s.' % (fname, str(e)))
file %s with error %s.' %
(fname, str(e)))
# Assuming we didn't fail, create the service # Assuming we didn't fail, create the service
service = PamdService(content) service = PamdService(content)