1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

729 commits

Author SHA1 Message Date
Stephen Fromm
5be20f8748 Update file module selinux-awareness
This adds selinux_mls_enabled() and selinux_enabled() to detect a)
whether selinux is MLS aware (ie supports selevel) and b) whether
selinux is enabled.  If selinux is not enabled, all selinux operations
are punted on -- same as if python's selinux module were not available.
In set_context_if_different(), I now iterate over the current context
instead of the context argument.  Even if the system supports MLS, it
may not return the selevel from selinux.lgetfilecon().  Lastly, this
drops selinux_has_selevel() in lieu of the current approach.
2012-04-26 07:31:25 -07:00
Michael DeHaan
49c3ee9050 Merge pull request #247 from cocoy/devel
Do not override the value of user and hostname.
2012-04-26 05:20:04 -07:00
cocoy
1220a46e3a Bugfix for issue #245.
Do not override the value of user and hostname.
Get port and identityfile only.
2012-04-26 14:46:32 +08:00
Michael DeHaan
7773a62291 Development branch changelog update 2012-04-25 21:32:08 -04:00
Michael DeHaan
66869c39b0 changelog and readme 2012-04-25 21:32:08 -04:00
Michael DeHaan
acc6c9a9a5 Merge pull request #238 from sfromm/selinux
Fix issue #227
2012-04-25 10:33:04 -07:00
Michael DeHaan
d9ee5db15a Merge pull request #237 from jkleint/devel
Unify normal and sudo remote exeuction.
2012-04-25 10:32:36 -07:00
jkleint
44486223ed Unify normal and sudo remote command execution.
Commit SHA: 87b1cf45 that put temp files in `$HOME/.ansible` instead of `/home/<user>/.ansible` was producing a directory literally called `$HOME` (no expansion) with non-sudo remote execution.  I'll take the blame for this one, as `ParamikoConnection.exec_command()` was not using the shell for non-sudo commands.  This does sudo and non-sudo execution the same way, using the shell, so environment variables should get expanded.
2012-04-25 13:40:21 -03:00
Stephen Fromm
5c74a524b9 Fix for issue #227
Older versions of selinux, such as that deployed on rhel5, only return a
context of user:role:type instead of user:role:type:level.  This detects
whether the tuple has three elements (old-style) or four.  If the
old-style, it keeps the secontext list at three elements.
2012-04-25 09:39:11 -07:00
Michael DeHaan
bb1d72f2b4 Merge pull request #235 from skvidal/devel
fix for issue #230 - handle template taking 3  args
2012-04-25 09:05:55 -07:00
Seth Vidal
fa2aebc8a6 fix for issue #230 - handle template taking 3 args 2012-04-25 11:59:19 -04:00
Michael DeHaan
283b897a1f Merge pull request #233 from cocoy/devel
Bugfix for issue #229
2012-04-25 06:17:51 -07:00
cocoy
7a19a46e24 Bugfix for issue no. 229 2012-04-25 21:02:44 +08:00
Michael DeHaan
87b1cf45a4 Merge pull request #226 from cread/make-osx-tests-pass
Use the $HOME env var instead of hard coding /home/<username>
2012-04-24 15:22:43 -07:00
Michael DeHaan
decc46ad17 Merge pull request #224 from jkleint/devel
Support YAML list of hosts in playbook.
2012-04-24 13:58:18 -07:00
jkleint
4e1bc43645 Support YAML lists of hosts in playbooks.
Reading the docs, I was a bit confused as to how to specify multiple hosts/groups in a playbook.  Being YAML, I assumed a normal YAML list would work:

    ---
    - hosts: [host1, host2]

But this crashes when inventory._matches() assumes hosts is a string.  This patch just checks if hosts is a list, and turns it into a string joined by ';'.
2012-04-24 17:54:00 -03:00
Michael DeHaan
2999b6b2c4 Merge pull request #223 from jkleint/devel
runner._chain_file_module() calls .get() on error string
2012-04-24 13:52:58 -07:00
Chris Read
dbb4afff50 Use the /Users/cread env var instead of hard coding /home/<username> 2012-04-24 21:45:54 +01:00
jkleint
b50c50748e _chain_file_module() calls .get() on error string
runner._return_from_module() normally returns a list (?) of `[str,bool,dict,str]`, but on error it returns `[str,bool,str,str]`.  runner._chain_file_module() then tries to call .get() on the third item (`data2`), which fails when it's a string.  This patch only accesses `data2` if the return value was `ok`.  It might be better to return consistent types in both cases, but I'm not sure where/how else the return value is used.
2012-04-24 17:21:01 -03:00
Michael DeHaan
90a8893418 Merge pull request #220 from skvidal/devel
handle issues when the hostlist is inadvertently set executable
2012-04-24 08:19:17 -07:00
Seth Vidal
730cc89c5b Merge branch 'devel' of git://github.com/ansible/ansible into devel
* 'devel' of git://github.com/ansible/ansible: (2 commits)
  Fix tests for facter and the ansible_facts API.
  ...
2012-04-24 11:15:24 -04:00
Michael DeHaan
5f1bbb1de2 Merge pull request #219 from jhoekx/revert-facts-modules
Ohai and facter modules should not use the ansible_facts API.
2012-04-24 08:05:32 -07:00
Seth Vidal
41619278e5 handle issues when the hostlist is inadvertently set executable
and/or executing it fails. This produces a nicer error message than
a traceback
2012-04-24 11:03:14 -04:00
Jeroen Hoekx
cc579a8aa2 Fix tests for facter and the ansible_facts API. 2012-04-24 17:01:48 +02:00
Jeroen Hoekx
d3d26d0cd6 Ohai and facter modules should not use the ansible_facts API. 2012-04-24 16:57:04 +02:00
Michael DeHaan
02abb5a83b Merge pull request #217 from jhoekx/connection-fixes
Expand user in ssh identity file
2012-04-24 07:40:33 -07:00
Michael DeHaan
46b3dc744e Merge pull request #218 from jhoekx/ansible-facts-fixes
Fix incorrect merge of custom-facts branch.
2012-04-24 07:38:49 -07:00
Jeroen Hoekx
973b1fe02e Fix incorrect merge of custom-facts branch.
This fixes #216.
2012-04-24 16:11:56 +02:00
Jeroen Hoekx
c2f1aefaf1 Expand user in SSH identity file. 2012-04-24 15:56:46 +02:00
Jeroen Hoekx
1804df0bae Whitespace fixes in connection.py 2012-04-24 15:56:04 +02:00
Michael DeHaan
80e6d83660 Fix bug in library/file 2012-04-24 08:10:50 -04:00
Michael DeHaan
66ba31aeb0 Fix bug in library/file 2012-04-24 08:06:32 -04:00
Michael DeHaan
3311763225 Merge pull request #213 from mcodd/devel
bugfix for ssh_config patch
2012-04-24 04:55:08 -07:00
Matt Coddington
d34160ed26 cast ssh port number as integer 2012-04-24 00:38:24 -04:00
Michael DeHaan
89c013035e Merge branch 'integration' of https://github.com/cocoy/ansible into cocoy-integration 2012-04-23 21:30:44 -04:00
Michael DeHaan
bced4c9db1 Merge branch 'jhoekx-custom-facts' into devel 2012-04-23 21:25:26 -04:00
Michael DeHaan
49cca98f1e Merge branch 'custom-facts' of https://github.com/jhoekx/ansible into jhoekx-custom-facts
Conflicts:
	lib/ansible/runner.py
2012-04-23 21:24:52 -04:00
Michael DeHaan
d60efc235d Merge branch 'jkleint-integration' into devel 2012-04-23 21:22:27 -04:00
Michael DeHaan
346df537b4 Merge branch 'integration' of https://github.com/jkleint/ansible into jkleint-integration 2012-04-23 21:21:43 -04:00
Michael DeHaan
d37a7115a8 Merge branch 'master' into devel 2012-04-23 21:19:10 -04:00
Michael DeHaan
6ba91a715e Update README to indicate new branch name 2012-04-23 21:18:57 -04:00
Michael DeHaan
7de90c4e64 Version bump for integration branch (soon to be renamed 'devel'), didn't update package
changelogs yet since this isn't released yet (but 0.3 is)
2012-04-23 21:14:48 -04:00
Michael DeHaan
4d62510997 Version bump for 0.3 release 2012-04-23 21:11:43 -04:00
Michael DeHaan
a8707e48e8 Fix merge issue 2012-04-23 21:06:47 -04:00
Michael DeHaan
c00699d0ef Merge branch 'integration'
Conflicts:
	lib/ansible/playbook.py
	lib/ansible/runner.py
	library/apt
2012-04-23 21:05:06 -04:00
Michael DeHaan
321ed53e3a Fetch module doesn't set invocation parameter as it invokes nothing, so don't let that be an error. 2012-04-23 21:02:39 -04:00
Michael DeHaan
39f912899f Merge pull request #212 from sideswipewvu/debmake
Debmake
2012-04-23 17:10:13 -07:00
Henry Graham
21269a845f debian packaging 2012-04-23 19:17:01 -04:00
jkleint
e69e078569 More robust remote sudo.
The basic idea is sudo /bin/sh -c 'quoted_command'.  We use Paramiko's low-level API to set a timeout, get a pseudo tty, execute sudo and the (shell quoted) command atomically, wait just until sudo is ready to accept the password before sending it down the pipe, and then return the command's stdout and stderr.

This should be faster, as there are no unneeded sleeps.  There are no permissions issues reading the output.  It will raise socket.timeout if the command takes too long.  However, this is a per-read timeout, not a total execution timeout, so as long as the command is writing output and you are reading it, it will not time out.

Local and non-sudo commands remain unchanged, but should probably adopt a similar approach.

Since this is a significant change, it needs a lot of testing.  Also, someone smarter than I should double-check the quoting and execution, since it is a security issue.
2012-04-23 17:32:08 -03:00
Jeroen Hoekx
2dc9a563ef Allow modules to return facts.
If the module result contains "ansible_facts", that will be added to the setup
cache.
2012-04-23 21:28:12 +02:00