* Share the implementation of hashing for both vars_prompt and password_hash.
* vars_prompt with encrypt does not require passlib for the algorithms
supported by crypt.
* Additional checks ensure that there is always a result.
This works around issues in the crypt.crypt python function that returns
None for algorithms it does not know.
Some modules (like user module) interprets None as no password at all,
which is misleading.
* The password_hash filter supports all parameters of passlib.
This allows users to provide a rounds parameter, fixing #15326.
* password_hash is not restricted to the subset provided by crypt.crypt,
fixing one half of #17266.
* Updated documentation fixes other half of #17266.
* password_hash does not hard-code the salt-length, which fixes bcrypt
in connection with passlib.
bcrypt requires a salt with length 22, which fixes#25347
* Salts are only generated by ansible when using crypt.crypt.
Otherwise passlib generates them.
* Avoids deprecated functionality of passlib with newer library versions.
* When no rounds are specified for sha256/sha256_crypt and sha512/sha512_crypt
always uses the default values used by crypt, i.e. 5000 rounds.
Before when installed passlibs' defaults were used.
passlib changes its defaults with newer library versions, leading to non
idempotent behavior.
NOTE: This will lead to the recalculation of existing hashes generated
with passlib and without a rounds parameter.
Yet henceforth the hashes will remain the same.
No matter the installed passlib version.
Making these hashes idempotent.
Fixes#15326Fixes#17266Fixes#25347 except bcrypt still uses 2a, instead of the suggested 2b.
* random_salt is solely handled by encrypt.py.
There is no _random_salt function there anymore.
Also the test moved to test_encrypt.py.
* Uses pytest.skip when passlib is not available, instead of a silent return.
* More checks are executed when passlib is not available.
* Moves tests that require passlib into their own test-function.
* Uses the six library to reraise the exception.
* Fixes integration test.
When no rounds are provided the defaults of crypt are used.
In that case the rounds are not part of the resulting MCF output.
* Resolve issues in NetApp E-Series Host module
The E-Series host module had some bugs relating to the update/creation
of host definitions when iSCSI initiators when included in the
configuration. This patch resolves this and other minor issues with
correctly detecting updates.
There were also several minor issues found that were causing issues with
truly idepotent updates/changes to the host definition.
This patch also provides some unit tests and integration tests to help
catch future issues in these areas.
fixes#28272
* Improve NetApp E-Series Host module testing
The NetApp E-Series Host module integration test lacked feature test
verification to verify the changes made to the storage array.
The NetApp E-Series rest api was used to verify host create, update, and
remove changes made to the NetApp E-Series storage arrays.
* issue:43021 add support for onyx version 3.6.6000
Signed-off-by: Samer Deeb <samerd@mellanox.com>
* issue:43021 add support for onyx version 3.6.6000
Signed-off-by: Samer Deeb <samerd@mellanox.com>
when using only an activation key without any channels.
As already suggested by mattclay in
https://github.com/ansible/ansible/pull/25079
and also patch unit test for rhn_register and
add test case for activationkey only
Portions of the f5-sdk were removed as well as the netaddr library
and were replaced with libraries that are part of ansible. Additionally,
deprecated code has been removed.
* Don't use copy.deepcopy in high workload areas, use deepishcopy. ci_complete
* Add tests
* Add changelog fragment
* rename to naive_deepcopy and add extra docs
* Rename to module_response_deepcopy and move to vars/clean
* Refactor yum and dnf, add feature parity
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove unnecessary module_utils, move the classes into the module code
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove yum -> yum4, out of scope
Signed-off-by: Adam Miller <admiller@redhat.com>
* use ABCMeta
Signed-off-by: Adam Miller <admiller@redhat.com>
* re-arrange run() caller vs callee
Signed-off-by: Adam Miller <admiller@redhat.com>
* make sanity checks happy
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix yum unit tests
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove unecessary debug statements, fix typo
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix licensing and attribution in yumdnf module_util
Signed-off-by: Adam Miller <admiller@redhat.com>
* include fix from PR 40737
original commit 5cbda9658a
original Author: Strahinja Kustudic <kustodian@gmail.com>
yum will fail on 'No space left on device', fixes#32791 (#40737)
During the installing of packages if yum runs out of free disk space,
some post install scripts could fail (like e.g. when the kernel
package generates initramfs), but yum would still exit with a status
0. This is bad, especially for the kernel package, because it makes
it unable to boot. Because the yum module is usually used for
automation, which means the users cannot read every message yum
prints, it's better that the yum module fails if it detects that
there is no free space on the disk.
Signed-off-by: Adam Miller <admiller@redhat.com>
* Revert "fix licensing and attribution in yumdnf module_util"
This reverts commit 59e11de5a2a6efa17ac3f0076bb162348c02e1bd.
* move fetch_rpm_from_url out of yumdnf module_util
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix the move of fetch_rpm_from_url
Signed-off-by: Adam Miller <admiller@redhat.com>
- support config operations for EXOS-based platforms
- add regex to detect command failure responses
- add exos action plugin for "backup" operation
- add unit tests for exos_command (currently 94% coverage of
exos_config.py)
NOTE:
1. use os.open() with os.O_CREAT|os.O_EXCL to check existence
and create a lock file if not exists, it's an atomic operation
2. the fastest process will create the lock file and others will
wait until the lock file is removed
3. after the writer finished writing to the password file, all the reading
operations use built-in open so processes can read the file parallel