From 756df550f807ba58abd8f7d98c0ff881bfe4bc77 Mon Sep 17 00:00:00 2001
From: Brad Olson
Date: Mon, 2 Jul 2012 17:57:38 +0000
Subject: [PATCH 1/2] Fixes ansible/ansible#523. Removed 'with:' blocks so module works with Python 2.4 for CentOS 5 support, courtesy of mcodd/ansible@29af24b73222c97e30f5843b67e321b95fb6c979.
---
 library/authorized_key | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)
diff --git a/library/authorized_key b/library/authorized_key
index e6ef384054..f519f4b1c2 100755
--- a/library/authorized_key
+++ b/library/authorized_key
@@ -75,8 +75,12 @@ def get_params():
 global msg
 msg = "reading params"
- with file(sys.argv[1]) as f: #read the args file
+ argfile = sys.argv[1]
+ try:
+ f = open(argfile,"r")
 args = f.read()
+ finally:
+ f.close()
 msg = "writing syslog."
 syslog.openlog('ansible-%s' % os.path.basename(__file__))
@@ -118,8 +122,11 @@ def keyfile(user, create=False):
 os.chmod(sshdir, 0700)
 msg = "Touching authorized keys file."
 if not exists( keysfile):
- with file(keysfile, "w") as f:
- f.write("#Authorized Keys File created by Ansible.")
+ try:
+ f = open(keysfile, "w")
+ f.write("#Authorized Keys File created by Ansible.\n")
+ finally:
+ f.close()
 os.chown(keysfile, uid, gid)
 os.chmod(keysfile, 0600)
 return keysfile
@@ -128,15 +135,21 @@ def readkeys( filename):
 global msg
 msg = "Reading authorized_keys."
 if not isfile(filename): return []
- with file(filename) as f:
+ try:
+ f = open(filename)
 keys = [line.rstrip() for line in f.readlines()]
+ finally:
+ f.close()
 return keys
 def writekeys( filename, keys):
 global msg
 msg = "Writing authorized_keys."
- with file(filename,"w") as f:
+ try:
+ f = open(filename,"w")
 f.writelines( (key + "\n" for key in keys) )
+ finally:
+ f.close()
 def enforce_state( params):
 """Add or remove key.
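Review bot: If `open(argfile,"r")` itself fails, `f` is never bound, so the `finally: f.close()` raises UnboundLocalError and that replaces the original IOError in the traceback. The open belongs above the `try:` so that only the read is guarded: `f = open(argfile,"r")` on its own line, then `try:` / `args = f.read()` / `finally:` / `f.close()`. The same shape is repeated in the keyfile, readkeys and writekeys hunks of this patch and in the touch of authorized_keys in patch 2/2, and wants the same change there. get_params starts and ends outside this hunk.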
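Review bot: `open(keysfile, "w")` creates authorized_keys with whatever mode the process umask allows, and the file is only restricted by the later `os.chown` and `os.chmod(keysfile, 0600)`; both the `exists()` test and the open also follow a symbolic link at that path. If the module runs with elevated privileges inside a directory owned by the target user (the chown suggests it does, but that is not visible in this hunk), creating the file exclusively and with its final mode removes both the window and the link-following: `fd = os.open(keysfile, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0600)`, then `os.write(fd, "#Authorized Keys File created by Ansible.\n")` and `os.close(fd)`. keyfile's body begins above this hunk.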
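Review bot: `writekeys` truncates authorized_keys in place with `open(filename,"w")`, so an error or interruption part-way through `writelines` leaves the account with an empty or partial key file and possibly no way to log in. Writing to a temporary file in the same directory and renaming it over the original makes the update all-or-nothing. `tempfile.mkstemp` creates that file with mode 0600 and exists on Python 2.4, but it needs `import tempfile` at the top of the module, which this patch does not show. The sketch copies ownership from the existing file, which assumes the caller has already created it, and it does not clean up the temporary file if the write fails.

```python
def writekeys( filename, keys):
    # … unchanged: global msg / msg = "Writing authorized_keys." …
    st = os.stat(filename)
    fd, tmpname = tempfile.mkstemp(dir=os.path.dirname(filename))
    f = os.fdopen(fd, "w")
    try:
        f.writelines( (key + "\n" for key in keys) )
    finally:
        f.close()
    os.chown(tmpname, st.st_uid, st.st_gid)
    os.rename(tmpname, filename)
```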
@@ -153,7 +166,7 @@ def enforce_state( params):
 state = params.get("state", "present")
 #== check current state
- params["keyfile"] = keyfile(user)
+ params["keyfile"] = keyfile(user,create=True)
 keys = readkeys( params["keyfile"])
 present = key in keys
From be9ff7ff4694098936049943b931450b2cc1ce74 Mon Sep 17 00:00:00 2001
From: Brad Olson
Date: Mon, 2 Jul 2012 19:16:57 +0000
Subject: [PATCH 2/2] Fixes ansible/ansible#522, no longer creates comment in ~/.ssh/authorized_keys, does not create directory or file if state==absent.
---
 library/authorized_key | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/library/authorized_key b/library/authorized_key
index f519f4b1c2..eea56c988a 100755
--- a/library/authorized_key
+++ b/library/authorized_key
@@ -95,22 +95,23 @@ def get_params():
 return params
-def keyfile(user, create=False):
+def keyfile(user, write=False):
 """Calculate name of authorized keys file, optionally creating the directories and file, properly setting permissions.
 :param str user: name of user in passwd file
- :param bool create: make directories and authorized key file if True
+ :param bool write: if True, write changes to authorized_keys file (creating directories if needed)
 :return: full path string to authorized_keys for user """
 global msg
 msg = "Reading system user entry."
 user_entry = pwd.getpwnam(user)
+ msg = "Calculating special directories"
 homedir = user_entry.pw_dir
 sshdir = join(homedir, ".ssh")
 keysfile = join(sshdir, "authorized_keys")
- if not create: return keysfile
+ if not write: return keysfile
 #create directories and files for authorized keys
 msg = "Reading user and group info."
@@ -123,8 +124,7 @@ def keyfile(user, create=False):
 msg = "Touching authorized keys file."
 if not exists( keysfile):
 try:
- f = open(keysfile, "w")
- f.write("#Authorized Keys File created by Ansible.\n")
+ f = open(keysfile, "w") #touches file so we can set ownership and perms
 finally:
 f.close()
 os.chown(keysfile, uid, gid)
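Review bot: The new `write` docstring line says the flag writes changes to authorized_keys, but in the lines visible across these hunks `keyfile` never writes key data; with the flag set it touches the file and then sets its owner and mode. A description such as `:param bool write: if True, create ~/.ssh and an empty authorized_keys (owner and mode set) when they are missing` would match what the function does and agree with the summary line, which still says "optionally creating". Renaming the keyword from `create` to `write` also breaks any caller outside this file that passed `create=`, which cannot be checked from this patch. Part of keyfile's body lies between this hunk and the next one and is not shown.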
@@ -166,7 +166,7 @@ def enforce_state( params):
 state = params.get("state", "present")
 #== check current state
- params["keyfile"] = keyfile(user,create=True)
+ params["keyfile"] = keyfile(user, write=False) #just get the filename, don't create file
 keys = readkeys( params["keyfile"])
 present = key in keys
@@ -174,11 +174,11 @@ def enforce_state( params):
 if state=="present":
 if present: return False #nothing to do
 keys.append(key)
- writekeys(keyfile(user,create=True), keys)
+ writekeys(keyfile(user,write=True), keys)
 elif state=="absent":
 if not present: return False #nothing to do
 keys.remove(key)
- writekeys(keyfile(user,create=True), keys)
+ writekeys(keyfile(user,write=True), keys)
 else:
 msg = "Invalid param: state."
 raise StandardError(msg)
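Review bot: `keys.append(key)` stores the parameter exactly as received and `writekeys` then appends "\n" to it, so a `key` value containing a line break is written as more than one authorized_keys entry. A value with trailing whitespace never equals the `rstrip()`ed lines that `readkeys` returns, so `present` stays false and every run appends the key again. Whether `key` is normalised where the parameters are parsed is not visible in this patch; if it is not, normalise and check it before the `present` test, e.g. `key = key.strip()` followed by `if "\n" in key or "\r" in key: raise StandardError("Invalid param: key.")`. enforce_state begins above these hunks.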