mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
[PR #8057/c13bede0 backport][stable-7] pam_limits: do not create file in check mode when it does not exist (#8070)
pam_limits: do not create file in check mode when it does not exist (#8057)
Do not create file in check mode when it does not exist.
(cherry picked from commit c13bede0c5
)
Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
0c676df7cf
commit
ddf566a729
2 changed files with 17 additions and 10 deletions
2
changelogs/fragments/8057-pam_limits-check-mode.yml
Normal file
2
changelogs/fragments/8057-pam_limits-check-mode.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
bugfixes:
|
||||||
|
- "pam_limits - when the file does not exist, do not create it in check mode (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057)."
|
|
@ -175,7 +175,6 @@ def main():
|
||||||
limits_conf = '/etc/security/limits.conf'
|
limits_conf = '/etc/security/limits.conf'
|
||||||
|
|
||||||
module = AnsibleModule(
|
module = AnsibleModule(
|
||||||
# not checking because of daisy chain to file module
|
|
||||||
argument_spec=dict(
|
argument_spec=dict(
|
||||||
domain=dict(required=True, type='str'),
|
domain=dict(required=True, type='str'),
|
||||||
limit_type=dict(required=True, type='str', choices=pam_types),
|
limit_type=dict(required=True, type='str', choices=pam_types),
|
||||||
|
@ -201,6 +200,7 @@ def main():
|
||||||
new_comment = module.params['comment']
|
new_comment = module.params['comment']
|
||||||
|
|
||||||
changed = False
|
changed = False
|
||||||
|
does_not_exist = False
|
||||||
|
|
||||||
if os.path.isfile(limits_conf):
|
if os.path.isfile(limits_conf):
|
||||||
if not os.access(limits_conf, os.W_OK):
|
if not os.access(limits_conf, os.W_OK):
|
||||||
|
@ -208,7 +208,7 @@ def main():
|
||||||
else:
|
else:
|
||||||
limits_conf_dir = os.path.dirname(limits_conf)
|
limits_conf_dir = os.path.dirname(limits_conf)
|
||||||
if os.path.isdir(limits_conf_dir) and os.access(limits_conf_dir, os.W_OK):
|
if os.path.isdir(limits_conf_dir) and os.access(limits_conf_dir, os.W_OK):
|
||||||
open(limits_conf, 'a').close()
|
does_not_exist = True
|
||||||
changed = True
|
changed = True
|
||||||
else:
|
else:
|
||||||
module.fail_json(msg="directory %s is not writable (check presence, access rights, use sudo)" % limits_conf_dir)
|
module.fail_json(msg="directory %s is not writable (check presence, access rights, use sudo)" % limits_conf_dir)
|
||||||
|
@ -224,15 +224,20 @@ def main():
|
||||||
|
|
||||||
space_pattern = re.compile(r'\s+')
|
space_pattern = re.compile(r'\s+')
|
||||||
|
|
||||||
|
if does_not_exist:
|
||||||
|
lines = []
|
||||||
|
else:
|
||||||
|
with open(limits_conf, 'rb') as f:
|
||||||
|
lines = list(f)
|
||||||
|
|
||||||
message = ''
|
message = ''
|
||||||
f = open(limits_conf, 'rb')
|
|
||||||
# Tempfile
|
# Tempfile
|
||||||
nf = tempfile.NamedTemporaryFile(mode='w+')
|
nf = tempfile.NamedTemporaryFile(mode='w+')
|
||||||
|
|
||||||
found = False
|
found = False
|
||||||
new_value = value
|
new_value = value
|
||||||
|
|
||||||
for line in f:
|
for line in lines:
|
||||||
line = to_native(line, errors='surrogate_or_strict')
|
line = to_native(line, errors='surrogate_or_strict')
|
||||||
if line.startswith('#'):
|
if line.startswith('#'):
|
||||||
nf.write(line)
|
nf.write(line)
|
||||||
|
@ -323,17 +328,17 @@ def main():
|
||||||
message = new_limit
|
message = new_limit
|
||||||
nf.write(new_limit)
|
nf.write(new_limit)
|
||||||
|
|
||||||
f.close()
|
|
||||||
nf.flush()
|
nf.flush()
|
||||||
|
|
||||||
with open(limits_conf, 'r') as content:
|
|
||||||
content_current = content.read()
|
|
||||||
|
|
||||||
with open(nf.name, 'r') as content:
|
with open(nf.name, 'r') as content:
|
||||||
content_new = content.read()
|
content_new = content.read()
|
||||||
|
|
||||||
if not module.check_mode:
|
if not module.check_mode:
|
||||||
# Copy tempfile to newfile
|
if does_not_exist:
|
||||||
|
with open(limits_conf, 'a'):
|
||||||
|
pass
|
||||||
|
|
||||||
|
# Move tempfile to newfile
|
||||||
module.atomic_move(nf.name, limits_conf)
|
module.atomic_move(nf.name, limits_conf)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
@ -344,7 +349,7 @@ def main():
|
||||||
res_args = dict(
|
res_args = dict(
|
||||||
changed=changed,
|
changed=changed,
|
||||||
msg=message,
|
msg=message,
|
||||||
diff=dict(before=content_current, after=content_new),
|
diff=dict(before=b''.join(lines), after=content_new),
|
||||||
)
|
)
|
||||||
|
|
||||||
if backup:
|
if backup:
|
||||||
|
|
Loading…
Reference in a new issue