mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Merge pull request #20599 from dagwieers/win_regedit-cleanup
win_regedit: Cleanup, check/diff mode support, HKCC fix
This commit is contained in:
commit
679a3cb1cc
4 changed files with 347 additions and 260 deletions
|
@ -110,57 +110,60 @@ Function Expand-Environment($value)
|
||||||
#Get-AnsibleParam also supports Parameter validation to save you from coding that manually:
|
#Get-AnsibleParam also supports Parameter validation to save you from coding that manually:
|
||||||
#Example: Get-AnsibleParam -obj $params -name "State" -default "Present" -ValidateSet "Present","Absent" -resultobj $resultobj -failifempty $true
|
#Example: Get-AnsibleParam -obj $params -name "State" -default "Present" -ValidateSet "Present","Absent" -resultobj $resultobj -failifempty $true
|
||||||
#Note that if you use the failifempty option, you do need to specify resultobject as well.
|
#Note that if you use the failifempty option, you do need to specify resultobject as well.
|
||||||
Function Get-AnsibleParam($obj, $name, $default = $null, $resultobj, $failifempty=$false, $emptyattributefailmessage, $ValidateSet, $ValidateSetErrorMessage, $type=$null)
|
Function Get-AnsibleParam($obj, $name, $default = $null, $resultobj = @{}, $failifempty = $false, $emptyattributefailmessage, $ValidateSet, $ValidateSetErrorMessage, $type = $null, $aliases = @())
|
||||||
{
|
{
|
||||||
# Check if the provided Member $name exists in $obj and return it or the default.
|
# Check if the provided Member $name or aliases exist in $obj and return it or the default.
|
||||||
Try
|
try {
|
||||||
{
|
|
||||||
If (-not $obj.$name.GetType)
|
$found = $null
|
||||||
{
|
# First try to find preferred parameter $name
|
||||||
throw
|
$aliases = @($name) + $aliases
|
||||||
|
|
||||||
|
# Iterate over aliases to find acceptable Member $name
|
||||||
|
foreach ($alias in $aliases) {
|
||||||
|
if (Get-Member -InputObject $obj -Name $alias) {
|
||||||
|
$found = $alias
|
||||||
|
break
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($ValidateSet)
|
if ($found -eq $null) {
|
||||||
{
|
throw
|
||||||
if ($ValidateSet -contains ($obj.$name))
|
|
||||||
{
|
|
||||||
$value = $obj.$name
|
|
||||||
}
|
}
|
||||||
Else
|
$name = $found
|
||||||
{
|
|
||||||
if ($ValidateSetErrorMessage -eq $null)
|
if ($ValidateSet) {
|
||||||
{
|
|
||||||
|
if ($ValidateSet -contains ($obj.$name)) {
|
||||||
|
$value = $obj.$name
|
||||||
|
} else {
|
||||||
|
if ($ValidateSetErrorMessage -eq $null) {
|
||||||
#Auto-generated error should be sufficient in most use cases
|
#Auto-generated error should be sufficient in most use cases
|
||||||
$ValidateSetErrorMessage = "Argument $name needs to be one of $($ValidateSet -join ",") but was $($obj.$name)."
|
$ValidateSetErrorMessage = "Argument $name needs to be one of $($ValidateSet -join ",") but was $($obj.$name)."
|
||||||
}
|
}
|
||||||
Fail-Json -obj $resultobj -message $ValidateSetErrorMessage
|
Fail-Json -obj $resultobj -message $ValidateSetErrorMessage
|
||||||
}
|
}
|
||||||
}
|
|
||||||
Else
|
} else {
|
||||||
{
|
|
||||||
$value = $obj.$name
|
$value = $obj.$name
|
||||||
}
|
}
|
||||||
}
|
|
||||||
Catch
|
} catch {
|
||||||
{
|
if ($failifempty -eq $false) {
|
||||||
If ($failifempty -eq $false)
|
|
||||||
{
|
|
||||||
$value = $default
|
$value = $default
|
||||||
}
|
} else {
|
||||||
Else
|
if (!$emptyattributefailmessage) {
|
||||||
{
|
|
||||||
If (!$emptyattributefailmessage)
|
|
||||||
{
|
|
||||||
$emptyattributefailmessage = "Missing required argument: $name"
|
$emptyattributefailmessage = "Missing required argument: $name"
|
||||||
}
|
}
|
||||||
Fail-Json -obj $resultobj -message $emptyattributefailmessage
|
Fail-Json -obj $resultobj -message $emptyattributefailmessage
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
If ($value -ne $null -and $type -eq "path") {
|
if ($value -ne $null -and $type -eq "path") {
|
||||||
# Expand environment variables on path-type (Beware: turns $null into "")
|
# Expand environment variables on path-type (Beware: turns $null into "")
|
||||||
$value = Expand-Environment($value)
|
$value = Expand-Environment($value)
|
||||||
} ElseIf ($type -eq "bool") {
|
} elseif ($type -eq "bool") {
|
||||||
# Convert boolean types to real Powershell booleans
|
# Convert boolean types to real Powershell booleans
|
||||||
$value = $value | ConvertTo-Bool
|
$value = $value | ConvertTo-Bool
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,66 +16,70 @@
|
||||||
# You should have received a copy of the GNU General Public License
|
# You should have received a copy of the GNU General Public License
|
||||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
$ErrorActionPreference = "Stop"
|
|
||||||
|
|
||||||
# WANT_JSON
|
# WANT_JSON
|
||||||
# POWERSHELL_COMMON
|
# POWERSHELL_COMMON
|
||||||
|
|
||||||
New-PSDrive -PSProvider registry -Root HKEY_CLASSES_ROOT -Name HKCR -ErrorAction SilentlyContinue | Out-Null
|
$ErrorActionPreference = "Stop"
|
||||||
New-PSDrive -PSProvider registry -Root HKEY_USERS -Name HKU -ErrorAction SilentlyContinue | Out-Null
|
|
||||||
New-PSDrive -PSProvider registry -Root HKEY_CURRENT_CONFIG -Name HCCC -ErrorAction SilentlyContinue | Out-Null
|
|
||||||
|
|
||||||
$params = Parse-Args $args;
|
$params = Parse-Args $args -supports_check_mode $true
|
||||||
$result = New-Object PSObject;
|
$check_mode = Get-AnsibleParam -obj $params -name "_ansible_check_mode" -type "bool" -default $false
|
||||||
Set-Attr $result "changed" $false;
|
|
||||||
Set-Attr $result "data_changed" $false;
|
|
||||||
Set-Attr $result "data_type_changed" $false;
|
|
||||||
|
|
||||||
$registryKey = Get-Attr -obj $params -name "key" -failifempty $true
|
$path = Get-AnsibleParam -obj $params -name "path" -type "string" -failifempty $true -aliases "key"
|
||||||
$registryValue = Get-Attr -obj $params -name "value" -default $null
|
$name = Get-AnsibleParam -obj $params -name "name" -type "string" -aliases "entry","value"
|
||||||
$state = Get-Attr -obj $params -name "state" -validateSet "present","absent" -default "present"
|
$data = Get-AnsibleParam -obj $params -name "data"
|
||||||
$registryData = Get-Attr -obj $params -name "data" -default $null
|
$type = Get-AnsibleParam -obj $params -name "type" -type "string" -validateSet "none","binary","dword","expandstring","multistring","string","qword" -aliases "datatype" -default "string"
|
||||||
$registryDataType = Get-Attr -obj $params -name "datatype" -validateSet "binary","dword","expandstring","multistring","string","qword" -default "string"
|
$state = Get-AnsibleParam -obj $params -name "state" -type "string" -validateSet "present","absent" -default "present"
|
||||||
|
|
||||||
If ($state -eq "present" -and $registryData -eq $null -and $registryValue -ne $null)
|
$result = @{
|
||||||
{
|
changed = $false
|
||||||
Fail-Json $result "missing required argument: data"
|
data_changed = $false
|
||||||
|
data_type_changed = $false
|
||||||
|
diff = @{
|
||||||
|
prepared = ""
|
||||||
|
}
|
||||||
|
warnings = @()
|
||||||
}
|
}
|
||||||
|
|
||||||
# check the registry key is in powershell ps-drive format: HKLM, HKCU, HKU, HKCR, HCCC
|
# Fix HCCC:\ PSDrive for pre-2.3 compatibility
|
||||||
If (-not ($registryKey -match "^H[KC][CLU][MURC]{0,1}:\\"))
|
if ($path -match "^HCCC:\\") {
|
||||||
{
|
$result.warnings += "Please use path: HKCC:\... instead of path: $path\n"
|
||||||
Fail-Json $result "key: $registryKey is not a valid powershell path, see module documentation for examples."
|
$path = $path -replace "HCCC:\\","HKCC:\\"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Check that the registry path is in PSDrive format: HKCC, HKCR, HKCU, HKLM, HKU
|
||||||
|
if (-not ($path -match "^HK(CC|CR|CU|LM|U):\\")) {
|
||||||
|
Fail-Json $result "path: $path is not a valid powershell path, see module documentation for examples."
|
||||||
|
}
|
||||||
|
|
||||||
Function Test-RegistryValueData {
|
Function Test-ValueData {
|
||||||
Param (
|
Param (
|
||||||
[parameter(Mandatory=$true)]
|
[parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] $Path,
|
||||||
[ValidateNotNullOrEmpty()]$Path,
|
[parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] $Name
|
||||||
[parameter(Mandatory=$true)]
|
|
||||||
[ValidateNotNullOrEmpty()]$Value
|
|
||||||
)
|
)
|
||||||
Try {
|
|
||||||
Get-ItemProperty -Path $Path -Name $Value
|
try {
|
||||||
Return $true
|
Get-ItemProperty -Path $Path -Name $Name
|
||||||
}
|
return $true
|
||||||
Catch {
|
} catch {
|
||||||
Return $false
|
return $false
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Returns true if registry data matches.
|
# Returns true if registry data matches.
|
||||||
# Handles binary, integer(dword) and string registry data
|
# Handles binary, integer(dword) and string registry data
|
||||||
Function Compare-RegistryData {
|
Function Compare-Data {
|
||||||
Param (
|
Param (
|
||||||
[parameter(Mandatory=$true)]
|
[parameter(Mandatory=$true)] [AllowEmptyString()] [AllowNull()] $ReferenceData,
|
||||||
[AllowEmptyString()]$ReferenceData,
|
[parameter(Mandatory=$true)] [AllowEmptyString()] [AllowNull()] $DifferenceData
|
||||||
[parameter(Mandatory=$true)]
|
|
||||||
[AllowEmptyString()]$DifferenceData
|
|
||||||
)
|
)
|
||||||
|
|
||||||
if ($ReferenceData -is [String] -or $ReferenceData -is [int]) {
|
if ($ReferenceData -eq $null) {
|
||||||
|
if ($DifferenceData -eq $null) {
|
||||||
|
return $true
|
||||||
|
} else {
|
||||||
|
return $false
|
||||||
|
}
|
||||||
|
} elseif ($ReferenceData -is [String] -or $ReferenceData -is [int]) {
|
||||||
if ($ReferenceData -eq $DifferenceData) {
|
if ($ReferenceData -eq $DifferenceData) {
|
||||||
return $true
|
return $true
|
||||||
} else {
|
} else {
|
||||||
|
@ -94,143 +98,214 @@ Function Compare-RegistryData {
|
||||||
# https://cyber-defense.sans.org/blog/2010/02/11/powershell-byte-array-hex-convert
|
# https://cyber-defense.sans.org/blog/2010/02/11/powershell-byte-array-hex-convert
|
||||||
# Expects a hex in the format you get when you run reg.exe export,
|
# Expects a hex in the format you get when you run reg.exe export,
|
||||||
# and converts to a byte array so powershell can modify binary registry entries
|
# and converts to a byte array so powershell can modify binary registry entries
|
||||||
function Convert-RegExportHexStringToByteArray
|
function Convert-RegExportHexStringToByteArray {
|
||||||
{
|
|
||||||
Param (
|
Param (
|
||||||
[parameter(Mandatory=$true)] [String] $String
|
[parameter(Mandatory=$true)] [String] $String
|
||||||
)
|
)
|
||||||
|
|
||||||
# remove 'hex:' from the front of the string if present
|
# Remove 'hex:' from the front of the string if present
|
||||||
$String = $String.ToLower() -replace '^hex\:',''
|
$String = $String.ToLower() -replace '^hex\:',''
|
||||||
|
|
||||||
#remove whitespace and any other non-hex crud.
|
# Remove whitespace and any other non-hex crud.
|
||||||
$String = $String.ToLower() -replace '[^a-f0-9\\,x\-\:]',''
|
$String = $String.ToLower() -replace '[^a-f0-9\\,x\-\:]',''
|
||||||
|
|
||||||
# turn commas into colons
|
# Turn commas into colons
|
||||||
$String = $String -replace ',',':'
|
$String = $String -replace ',',':'
|
||||||
|
|
||||||
# Maybe there's nothing left over to convert...
|
# Maybe there's nothing left over to convert...
|
||||||
if ($String.Length -eq 0) { ,@() ; return }
|
if ($String.Length -eq 0) {
|
||||||
|
return ,@()
|
||||||
#Split string with or without colon delimiters.
|
|
||||||
if ($String.Length -eq 1)
|
|
||||||
{ ,@([System.Convert]::ToByte($String,16)) }
|
|
||||||
elseif (($String.Length % 2 -eq 0) -and ($String.IndexOf(":") -eq -1))
|
|
||||||
{ ,@($String -split '([a-f0-9]{2})' | foreach-object { if ($_) {[System.Convert]::ToByte($_,16)}}) }
|
|
||||||
elseif ($String.IndexOf(":") -ne -1)
|
|
||||||
{ ,@($String -split ':+' | foreach-object {[System.Convert]::ToByte($_,16)}) }
|
|
||||||
else
|
|
||||||
{ ,@() }
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if($registryDataType -eq "binary" -and $registryData -ne $null -and $registryData -is [String]) {
|
# Split string with or without colon delimiters.
|
||||||
$registryData = Convert-RegExportHexStringToByteArray($registryData)
|
if ($String.Length -eq 1) {
|
||||||
|
return ,@([System.Convert]::ToByte($String,16))
|
||||||
|
} elseif (($String.Length % 2 -eq 0) -and ($String.IndexOf(":") -eq -1)) {
|
||||||
|
return ,@($String -split '([a-f0-9]{2})' | foreach-object { if ($_) {[System.Convert]::ToByte($_,16)}})
|
||||||
|
} elseif ($String.IndexOf(":") -ne -1) {
|
||||||
|
return ,@($String -split ':+' | foreach-object {[System.Convert]::ToByte($_,16)})
|
||||||
|
} else {
|
||||||
|
return ,@()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Create the required PSDrives if missing
|
||||||
|
if (-not (Test-Path HKCR:\)) {
|
||||||
|
New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT
|
||||||
|
}
|
||||||
|
if (-not (Test-Path HKU:\)) {
|
||||||
|
New-PSDrive -Name HKU -PSProvider Registry -Root HKEY_USERS
|
||||||
|
}
|
||||||
|
if (-not (Test-Path HKCC:\)) {
|
||||||
|
New-PSDrive -Name HKCC -PSProvider Registry -Root HKEY_CURRENT_CONFIG
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# Convert HEX string to binary if type binary
|
||||||
|
if ($type -eq "binary" -and $data -ne $null -and $data -is [String]) {
|
||||||
|
$data = Convert-RegExportHexStringToByteArray($data)
|
||||||
|
}
|
||||||
|
|
||||||
|
# Special case handling for the path's default property.
|
||||||
|
if ($name -eq "" -or ($name -ne $null -and $name.ToLower() -eq "(default)")) {
|
||||||
|
# Apparently, "(default)" cannot be of type expandstring, do it ourselves
|
||||||
|
if ($type -eq "expandstring" -and $data -ne $null -and $data -is [String]) {
|
||||||
|
$data = Expand-Environment($data)
|
||||||
|
}
|
||||||
|
$name = "(default)"
|
||||||
|
$type = "string"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Support REG_NONE with empty value
|
||||||
|
# FIXME: REG_NONE support is not idempotent yet
|
||||||
|
if ($type -eq "none" -or $data -eq $null) {
|
||||||
|
$data = New-Object byte[] 0
|
||||||
|
# $data = ([byte[]] @())
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($state -eq "present") {
|
if ($state -eq "present") {
|
||||||
if ((Test-Path $registryKey) -and $registryValue -ne $null)
|
|
||||||
{
|
|
||||||
if (Test-RegistryValueData -Path $registryKey -Value $registryValue)
|
|
||||||
{
|
|
||||||
# handle binary data
|
|
||||||
$currentRegistryData =(Get-ItemProperty -Path $registryKey | Select-Object -ExpandProperty $registryValue)
|
|
||||||
|
|
||||||
if ($registryValue.ToLower() -eq "(default)") {
|
if ((Test-Path $path) -and $name -ne $null) {
|
||||||
# Special case handling for the key's default property. Because .GetValueKind() doesn't work for the (default) key property
|
|
||||||
$oldRegistryDataType = "String"
|
if (Test-ValueData -Path $path -Name $name) {
|
||||||
}
|
|
||||||
else {
|
# Handle binary data
|
||||||
$oldRegistryDataType = (Get-Item $registryKey).GetValueKind($registryValue)
|
$old_data = (Get-ItemProperty -Path $path | Select-Object -ExpandProperty $name)
|
||||||
|
|
||||||
|
if ($name -eq "(default)") {
|
||||||
|
# Special case handling for the path's default property.
|
||||||
|
# Because .GetValueKind() doesn't work for the (default) path property
|
||||||
|
$old_type = "String".ToLower()
|
||||||
|
} else {
|
||||||
|
$old_type = (Get-Item $path).GetValueKind($name).ToString().ToLower()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($type -ne $old_type) {
|
||||||
# Changes Data and DataType
|
# Changes Data and DataType
|
||||||
if ($registryDataType -ne $oldRegistryDataType)
|
if (-not $check_mode) {
|
||||||
{
|
try {
|
||||||
Try
|
if ($name.ToLower() -eq "(default)") {
|
||||||
{
|
$null = $(Get-Item -Path $path -ErrorAction 'Stop').OpenSubKey('','ReadWriteSubTree').SetValue($null,$data)
|
||||||
Remove-ItemProperty -Path $registryKey -Name $registryValue
|
} else {
|
||||||
New-ItemProperty -Path $registryKey -Name $registryValue -Value $registryData -PropertyType $registryDataType
|
Remove-ItemProperty -Path $path -Name $name
|
||||||
|
New-ItemProperty -Path $path -Name $name -Value $data -PropertyType $type -Force
|
||||||
|
}
|
||||||
|
} catch {
|
||||||
|
Fail-Json $result $_.Exception.Message
|
||||||
|
}
|
||||||
|
}
|
||||||
$result.changed = $true
|
$result.changed = $true
|
||||||
$result.data_changed = $true
|
$result.data_changed = $true
|
||||||
$result.data_type_changed = $true
|
$result.data_type_changed = $true
|
||||||
|
$result.diff.prepared += @"
|
||||||
|
[$path]
|
||||||
|
-"$name" = "$old_type`:$data"
|
||||||
|
+"$name" = "$type`:$data"
|
||||||
|
"@
|
||||||
|
# FIXME: Compare-Data fails to work for null-length byte arrays
|
||||||
|
} elseif (-not (Compare-Data -ReferenceData $old_data -DifferenceData $data)) {
|
||||||
|
# Changes Only Data
|
||||||
|
if (-not $check_mode) {
|
||||||
|
try {
|
||||||
|
if ($type -eq "none") {
|
||||||
|
Remove-ItemProperty -Path $path -Name $name
|
||||||
|
New-ItemProperty -Path $path -Name $name -Value $data -PropertyType $type -Force
|
||||||
|
} else {
|
||||||
|
Set-ItemProperty -Path $path -Name $name -Value $data
|
||||||
}
|
}
|
||||||
Catch
|
} catch {
|
||||||
{
|
|
||||||
Fail-Json $result $_.Exception.Message
|
Fail-Json $result $_.Exception.Message
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
# Changes Only Data
|
|
||||||
elseif (-Not (Compare-RegistryData -ReferenceData $currentRegistryData -DifferenceData $registryData))
|
|
||||||
{
|
|
||||||
Try {
|
|
||||||
Set-ItemProperty -Path $registryKey -Name $registryValue -Value $registryData
|
|
||||||
$result.changed = $true
|
$result.changed = $true
|
||||||
$result.data_changed = $true
|
$result.data_changed = $true
|
||||||
}
|
$result.diff.prepared += @"
|
||||||
Catch
|
[$path]
|
||||||
{
|
-"$name" = "$type`:$old_data"
|
||||||
Fail-Json $result $_.Exception.Message
|
+"$name" = "$type`:$data"
|
||||||
}
|
"@
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
Try
|
|
||||||
{
|
|
||||||
New-ItemProperty -Path $registryKey -Name $registryValue -Value $registryData -PropertyType $registryDataType
|
|
||||||
$result.changed = $true
|
|
||||||
}
|
|
||||||
Catch
|
|
||||||
{
|
|
||||||
Fail-Json $result $_.Exception.Message
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
elseif(-not (Test-Path $registryKey))
|
|
||||||
{
|
|
||||||
Try
|
|
||||||
{
|
|
||||||
$newRegistryKey = New-Item $registryKey -Force
|
|
||||||
$result.changed = $true
|
|
||||||
|
|
||||||
if($registryValue -ne $null) {
|
} else {
|
||||||
$newRegistryKey | New-ItemProperty -Name $registryValue -Value $registryData -Force -PropertyType $registryDataType
|
# Nothing to do, everything is already as requested
|
||||||
$result.changed = $true
|
|
||||||
}
|
}
|
||||||
}
|
|
||||||
Catch
|
} else {
|
||||||
{
|
# Add missing entry
|
||||||
|
if (-not $check_mode) {
|
||||||
|
try {
|
||||||
|
New-ItemProperty -Path $path -Name $name -Value $data -PropertyType $type
|
||||||
|
} Catch {
|
||||||
Fail-Json $result $_.Exception.Message
|
Fail-Json $result $_.Exception.Message
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if (Test-Path $registryKey)
|
|
||||||
{
|
|
||||||
if ($registryValue -eq $null) {
|
|
||||||
Try
|
|
||||||
{
|
|
||||||
Remove-Item -Path $registryKey -Recurse
|
|
||||||
$result.changed = $true
|
$result.changed = $true
|
||||||
|
$result.diff.prepared += @"
|
||||||
|
[$path]
|
||||||
|
+"$name" = "$type`:$data"
|
||||||
|
"@
|
||||||
}
|
}
|
||||||
Catch
|
|
||||||
{
|
} elseif (-not (Test-Path $path)) {
|
||||||
|
|
||||||
|
if (-not $check_mode) {
|
||||||
|
try {
|
||||||
|
$new_path = New-Item $path -Type directory -Force
|
||||||
|
if ($name -ne $null) {
|
||||||
|
$new_path | New-ItemProperty -Name $name -Value $data -PropertyType $type -Force
|
||||||
|
}
|
||||||
|
} catch {
|
||||||
Fail-Json $result $_.Exception.Message
|
Fail-Json $result $_.Exception.Message
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
elseif (Test-RegistryValueData -Path $registryKey -Value $registryValue) {
|
|
||||||
Try
|
|
||||||
{
|
|
||||||
Remove-ItemProperty -Path $registryKey -Name $registryValue
|
|
||||||
$result.changed = $true
|
$result.changed = $true
|
||||||
|
$result.diff.prepared += @"
|
||||||
|
+[$path"]
|
||||||
|
|
||||||
|
"@
|
||||||
|
if ($name -ne $null) {
|
||||||
|
$result.diff.prepared += @"
|
||||||
|
+"$name" = "$type`:$data"
|
||||||
|
|
||||||
|
"@
|
||||||
}
|
}
|
||||||
Catch
|
|
||||||
{
|
}
|
||||||
|
|
||||||
|
} elseif ($state -eq "absent") {
|
||||||
|
|
||||||
|
if (Test-Path $path) {
|
||||||
|
if ($name -eq $null) {
|
||||||
|
|
||||||
|
if (-not $check_mode) {
|
||||||
|
try {
|
||||||
|
Remove-Item -Path $path -Recurse
|
||||||
|
} catch {
|
||||||
Fail-Json $result $_.Exception.Message
|
Fail-Json $result $_.Exception.Message
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
$result.changed = $true
|
||||||
|
$result.diff.prepared += @"
|
||||||
|
-[$path]
|
||||||
|
-"$name" = "$type`:$data"
|
||||||
|
"@
|
||||||
|
|
||||||
|
} elseif (Test-ValueData -Path $path -Name $name) {
|
||||||
|
|
||||||
|
if (-not $check_mode) {
|
||||||
|
try {
|
||||||
|
Remove-ItemProperty -Path $path -Name $name
|
||||||
|
} catch {
|
||||||
|
Fail-Json $result $_.Exception.Message
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$result.changed = $true
|
||||||
|
$result.diff.prepared += @"
|
||||||
|
[$path]
|
||||||
|
-"$name" = "$type`:$data"
|
||||||
|
"@
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
# Nothing to do, everything is already as requested
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -29,32 +29,30 @@ DOCUMENTATION = r'''
|
||||||
---
|
---
|
||||||
module: win_regedit
|
module: win_regedit
|
||||||
version_added: "2.0"
|
version_added: "2.0"
|
||||||
short_description: Add, Edit, or Remove Registry Keys and Values
|
short_description: Add, change, or remove registry keys and values
|
||||||
description:
|
description:
|
||||||
- Add, Edit, or Remove Registry Keys and Values using ItemProperties Cmdlets
|
- Add, modify or remove registry keys and values.
|
||||||
|
- More information about the windows registry from Wikipedia (https://en.wikipedia.org/wiki/Windows_Registry).
|
||||||
options:
|
options:
|
||||||
key:
|
path:
|
||||||
description:
|
description:
|
||||||
- Name of Registry Key
|
- Name of registry path.
|
||||||
|
- 'Should be in one of the following registry hives: HKCC, HKCR, HKCU, HKLM, HKU.'
|
||||||
required: true
|
required: true
|
||||||
default: null
|
aliases: [ key ]
|
||||||
aliases: []
|
name:
|
||||||
value:
|
|
||||||
description:
|
description:
|
||||||
- Name of Registry Value
|
- Name of registry entry in C(path).
|
||||||
required: true
|
- This is an entry in the above C(key) parameter.
|
||||||
default: null
|
- If not provided, or empty we use the default name '(default)'
|
||||||
aliases: []
|
aliases: [ entry ]
|
||||||
data:
|
data:
|
||||||
description:
|
description:
|
||||||
- Registry Value Data. Binary data should be expressed a yaml byte array or as comma separated hex values. An easy way to generate this is to run C(regedit.exe) and use the I(Export) option to save the registry values to a file. In the exported file binary values will look like C(hex:be,ef,be,ef). The C(hex:) prefix is optional.
|
- Value of the registry entry C(name) in C(path).
|
||||||
required: false
|
- Binary data should be expressed a yaml byte array or as comma separated hex values. An easy way to generate this is to run C(regedit.exe) and use the I(Export) option to save the registry values to a file. In the exported file binary values will look like C(hex:be,ef,be,ef). The C(hex:) prefix is optional.
|
||||||
default: null
|
type:
|
||||||
aliases: []
|
|
||||||
datatype:
|
|
||||||
description:
|
description:
|
||||||
- Registry Value Data Type
|
- Registry value data type.
|
||||||
required: false
|
|
||||||
choices:
|
choices:
|
||||||
- binary
|
- binary
|
||||||
- dword
|
- dword
|
||||||
|
@ -63,65 +61,76 @@ options:
|
||||||
- string
|
- string
|
||||||
- qword
|
- qword
|
||||||
default: string
|
default: string
|
||||||
aliases: []
|
aliases: [ datatype ]
|
||||||
state:
|
state:
|
||||||
description:
|
description:
|
||||||
- State of Registry Value
|
- State of registry entry.
|
||||||
required: false
|
|
||||||
choices:
|
choices:
|
||||||
- present
|
- present
|
||||||
- absent
|
- absent
|
||||||
default: present
|
default: present
|
||||||
aliases: []
|
notes:
|
||||||
|
- Check-mode C(-C/--check) and diff output (-D/--diff) are supported, so that you can test every change against the active configuration before applying changes.
|
||||||
|
- Beware that some registry hives (HKEY_USERS in particular) do not allow to create new registry paths.
|
||||||
author: "Adam Keech (@smadam813), Josh Ludwig (@joshludwig)"
|
author: "Adam Keech (@smadam813), Josh Ludwig (@joshludwig)"
|
||||||
'''
|
'''
|
||||||
|
|
||||||
EXAMPLES = r'''
|
EXAMPLES = r'''
|
||||||
- name: Create Registry Key called MyCompany
|
- name: Create registry path MyCompany
|
||||||
win_regedit:
|
win_regedit:
|
||||||
key: HKCU:\Software\MyCompany
|
path: HKCU:\Software\MyCompany
|
||||||
|
|
||||||
- name: Create Registry Key called MyCompany, a value within MyCompany Key called "hello", and data for the value "hello" containing "world".
|
- name: Add or update registry path MyCompany, with entry 'hello', and containing 'world'
|
||||||
win_regedit:
|
win_regedit:
|
||||||
key: HKCU:\Software\MyCompany
|
path: HKCU:\Software\MyCompany
|
||||||
value: hello
|
name: hello
|
||||||
data: world
|
data: world
|
||||||
|
|
||||||
- name: Create Registry Key called MyCompany, a value within MyCompany Key called "hello", and data for the value "hello" containing "1337" as type "dword".
|
- name: Add or update registry path MyCompany, with entry 'hello', and containing 1337
|
||||||
win_regedit:
|
win_regedit:
|
||||||
key: HKCU:\Software\MyCompany
|
path: HKCU:\Software\MyCompany
|
||||||
value: hello
|
name: hello
|
||||||
data: 1337
|
data: 1337
|
||||||
datatype: dword
|
type: dword
|
||||||
|
|
||||||
- name: Create Registry Key called MyCompany, a value within MyCompany Key called "hello", and binary data for the value "hello" as type "binary" data expressed as comma separated list
|
- name: Add or update registry path MyCompany, with entry 'hello', and containing binary data in hex-string format
|
||||||
win_regedit:
|
win_regedit:
|
||||||
key: HKCU:\Software\MyCompany
|
path: HKCU:\Software\MyCompany
|
||||||
value: hello
|
name: hello
|
||||||
data: hex:be,ef,be,ef,be,ef,be,ef,be,ef
|
data: hex:be,ef,be,ef,be,ef,be,ef,be,ef
|
||||||
datatype: binary
|
type: binary
|
||||||
|
|
||||||
- name: Create Registry Key called MyCompany, a value within MyCompany Key called "hello", and binary data for the value "hello" as type "binary" data expressed as yaml array of bytes
|
- name: Add or update registry path MyCompany, with entry 'hello', and containing binary data in yaml format
|
||||||
win_regedit:
|
win_regedit:
|
||||||
key: HKCU:\Software\MyCompany
|
path: HKCU:\Software\MyCompany
|
||||||
value: hello
|
name: hello
|
||||||
data: [0xbe,0xef,0xbe,0xef,0xbe,0xef,0xbe,0xef,0xbe,0xef]
|
data: [0xbe,0xef,0xbe,0xef,0xbe,0xef,0xbe,0xef,0xbe,0xef]
|
||||||
datatype: binary
|
type: binary
|
||||||
|
|
||||||
- name: Delete Registry Key MyCompany. Not specifying a value will delete the root key which means all values will be deleted
|
- name: Disable keyboard layout hotkey for all users (changes existing)
|
||||||
win_regedit:
|
win_regedit:
|
||||||
key: HKCU:\Software\MyCompany
|
path: HKU:\.DEFAULT\Keyboard Layout\Toggle
|
||||||
|
name: Layout Hotkey
|
||||||
|
data: 3
|
||||||
|
type: dword
|
||||||
|
|
||||||
|
- name: Disable language hotkey for current users (adds new)
|
||||||
|
win_regedit:
|
||||||
|
path: HKCU:\Keyboard Layout\Toggle
|
||||||
|
name: Language Hotkey
|
||||||
|
data: 3
|
||||||
|
type: dword
|
||||||
|
|
||||||
|
- name: Remove registry path MyCompany (including all entries it contains)
|
||||||
|
win_regedit:
|
||||||
|
path: HKCU:\Software\MyCompany
|
||||||
state: absent
|
state: absent
|
||||||
|
|
||||||
- name: Delete Registry Value "hello" from MyCompany Key
|
- name: Remove entry 'hello' from registry path MyCompany
|
||||||
win_regedit:
|
win_regedit:
|
||||||
key: HKCU:\Software\MyCompany
|
path: HKCU:\Software\MyCompany
|
||||||
value: hello
|
name: hello
|
||||||
state: absent
|
state: absent
|
||||||
|
|
||||||
- name: Creates Registry Key called 'My Company'
|
|
||||||
win_regedit:
|
|
||||||
key: HKCU:\Software\My Company
|
|
||||||
'''
|
'''
|
||||||
|
|
||||||
RETURN = r'''
|
RETURN = r'''
|
||||||
|
|
|
@ -32,7 +32,7 @@
|
||||||
- assert:
|
- assert:
|
||||||
that:
|
that:
|
||||||
- "check00_result.failed == true"
|
- "check00_result.failed == true"
|
||||||
- "check00_result.msg == 'key: HKCU\\Software is not a valid powershell path, see module documentation for examples.'"
|
- "check00_result.msg == 'path: HKCU\\Software is not a valid powershell path, see module documentation for examples.'"
|
||||||
|
|
||||||
- name: remove setting
|
- name: remove setting
|
||||||
win_regedit:
|
win_regedit:
|
||||||
|
|
Loading…
Reference in a new issue