From eb0c90ab8061315df9b6406e21d6281ce0a5065b Mon Sep 17 00:00:00 2001 From: Brian Coca Date: Tue, 9 Aug 2016 12:39:17 -0400 Subject: [PATCH] added unsafe_writes as common file feature (#17016) --- lib/ansible/module_utils/basic.py | 6 +++++- lib/ansible/utils/module_docs_fragments/files.py | 10 ++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/lib/ansible/module_utils/basic.py b/lib/ansible/module_utils/basic.py index 2650768eb8..7f9c9e74dc 100644 --- a/lib/ansible/module_utils/basic.py +++ b/lib/ansible/module_utils/basic.py @@ -254,6 +254,7 @@ FILE_COMMON_ARGUMENTS=dict( regexp = dict(), # used by assemble delimiter = dict(), # used by assemble directory_mode = dict(), # used by copy + unsafe_writes = dict(type='bool'), # should be available to any module using atomic_move ) PASSWD_ARG_RE = re.compile(r'^[-]{0,2}pass[-]?(word|wd)?') @@ -902,7 +903,10 @@ class AnsibleModule(object): str(':'.join(new_context))) except OSError: e = get_exception() - self.fail_json(path=path, msg='invalid selinux context: %s' % str(e), new_context=new_context, cur_context=cur_context, input_was=context) + if e.errno == 95: # skip certain errors are they are 'ok'. + self.debug("Skipped setting selinux on '%s' as the operation is not suported: %s" % (path, to_str(e)) + else: + self.fail_json(path=path, msg='invalid selinux context: %s' % str(e), new_context=new_context, cur_context=cur_context, input_was=context) if rc != 0: self.fail_json(path=path, msg='set selinux context failed') changed = True diff --git a/lib/ansible/utils/module_docs_fragments/files.py b/lib/ansible/utils/module_docs_fragments/files.py index 4a79e394fd..7318b0df29 100644 --- a/lib/ansible/utils/module_docs_fragments/files.py +++ b/lib/ansible/utils/module_docs_fragments/files.py @@ -60,4 +60,14 @@ options: - level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the C(range). C(_default) feature works as for I(seuser). + unsafe_writes: + description: + - Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, + sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, + they cannot be updated atomically and can only be done in an unsafe manner. + - This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do + not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption. + required: false + default: false + version_added: "2.2" """