diff --git a/library/authorized_key b/library/authorized_key index e6ef384054..eea56c988a 100755 --- a/library/authorized_key +++ b/library/authorized_key @@ -75,8 +75,12 @@ def get_params(): global msg msg = "reading params" - with file(sys.argv[1]) as f: #read the args file + argfile = sys.argv[1] + try: + f = open(argfile,"r") args = f.read() + finally: + f.close() msg = "writing syslog." syslog.openlog('ansible-%s' % os.path.basename(__file__)) @@ -91,22 +95,23 @@ def get_params(): return params -def keyfile(user, create=False): +def keyfile(user, write=False): """Calculate name of authorized keys file, optionally creating the directories and file, properly setting permissions. :param str user: name of user in passwd file - :param bool create: make directories and authorized key file if True + :param bool write: if True, write changes to authorized_keys file (creating directories if needed) :return: full path string to authorized_keys for user """ global msg msg = "Reading system user entry." user_entry = pwd.getpwnam(user) + msg = "Calculating special directories" homedir = user_entry.pw_dir sshdir = join(homedir, ".ssh") keysfile = join(sshdir, "authorized_keys") - if not create: return keysfile + if not write: return keysfile #create directories and files for authorized keys msg = "Reading user and group info." @@ -118,8 +123,10 @@ def keyfile(user, create=False): os.chmod(sshdir, 0700) msg = "Touching authorized keys file." if not exists( keysfile): - with file(keysfile, "w") as f: - f.write("#Authorized Keys File created by Ansible.") + try: + f = open(keysfile, "w") #touches file so we can set ownership and perms + finally: + f.close() os.chown(keysfile, uid, gid) os.chmod(keysfile, 0600) return keysfile @@ -128,15 +135,21 @@ def readkeys( filename): global msg msg = "Reading authorized_keys." if not isfile(filename): return [] - with file(filename) as f: + try: + f = open(filename) keys = [line.rstrip() for line in f.readlines()] + finally: + f.close() return keys def writekeys( filename, keys): global msg msg = "Writing authorized_keys." - with file(filename,"w") as f: + try: + f = open(filename,"w") f.writelines( (key + "\n" for key in keys) ) + finally: + f.close() def enforce_state( params): """Add or remove key. @@ -153,7 +166,7 @@ def enforce_state( params): state = params.get("state", "present") #== check current state - params["keyfile"] = keyfile(user) + params["keyfile"] = keyfile(user, write=False) #just get the filename, don't create file keys = readkeys( params["keyfile"]) present = key in keys @@ -161,11 +174,11 @@ def enforce_state( params): if state=="present": if present: return False #nothing to do keys.append(key) - writekeys(keyfile(user,create=True), keys) + writekeys(keyfile(user,write=True), keys) elif state=="absent": if not present: return False #nothing to do keys.remove(key) - writekeys(keyfile(user,create=True), keys) + writekeys(keyfile(user,write=True), keys) else: msg = "Invalid param: state." raise StandardError(msg)