Toshio Kuratomi
9a7eb57718
Some changes to FIPS compat since SLES implements it differently
2014-11-11 20:23:03 -08:00
Toshio Kuratomi
6a85f3ebc7
Add comments/docstrings not to use md5 unless forced to by forces outside our control.
2014-11-10 12:01:44 -08:00
Toshio Kuratomi
f1267c0b05
Move from md5 to sha1 to work on fips-140 enabled systems
2014-11-06 21:28:04 -08:00
Monty Taylor
61ae3c732f
Add required_if to AnsibleModule
...
There is a common pattern in modules where some parameters are required
only if another parameter is present AND set to a particular value. For
instance, if a cloud server state is "present" it's important to
indicate the image to be used, but if it's "absent", the image that was
used to launch it is not necessary. Provide a check that takes as an
input a list of 3-element tuples containing parameter to depend on, the
value it should be set to, and a list of parameters which are required
if the required parameter is set to the required value.
2014-10-26 10:52:40 -07:00
Toshio Kuratomi
a10d10f647
Workaround more python-2.6 shlex not being able to handle unicode strings
2014-10-08 14:30:36 -04:00
James Cammarata
b376e208c7
Adding "follow" param for file/copy options
...
Also modifies the template action plugin to use this new param
when executing the file/copy modules for templating so that links
are preserved correctly.
Fixes #8998
2014-09-16 12:05:55 -05:00
Toshio Kuratomi
8233522a7a
Reduce commenting as basic.py is copied to the remote host with every module transfer.
...
Move some comments to the unittest as we might look at that if we decide
to refactor the code.
2014-09-05 07:39:17 -07:00
Toshio Kuratomi
1afc8161a1
New password obfuscation in syslog messages that:
...
* makes speed acceptable for some datasets
* obfuscates multiple detected passwords
* obfuscates more characters to account for some corner cases when
trying to detect passwords.
Fixes #8364
2014-09-04 17:57:52 -07:00
Toshio Kuratomi
4f55bcc298
Standardize on bytes internally to _log_invocation
2014-09-04 11:23:32 -07:00
Matt Martz
2b307985bc
Don't use ternary if statements. Fixes #8784
2014-08-27 19:16:48 -05:00
James Cammarata
c21c66c740
Merge branch 'file_symbolic_mode' of https://github.com/pbitty/ansible into pbitty-file_symbolic_mode
2014-08-25 19:38:44 -05:00
James Cammarata
24c4277479
Remove tabs added from 677de07
2014-08-21 14:07:18 -05:00
James Cammarata
5e240fec71
Merge branch 'devel' of https://github.com/l1k/ansible into l1k-devel
...
Conflicts:
test/integration/roles/test_copy/tasks/main.yml
2014-08-21 13:56:26 -05:00
James Cammarata
3a7aca6066
Fix no_log value for content in common file args settings
...
Also adds a test to ensure the content value is not logged.
Related to #8647
2014-08-19 10:47:18 -05:00
Lukas Wunner
677de07f44
Try optimistic chown, do not error out if not permitted to chown
...
Add unit test
2014-08-17 22:08:45 +02:00
James Cammarata
8dafacd4e9
Make env param a dict type instead of list
...
Also modifies param type checking code to remove whitespace from
around params before splitting them into k=v pairs.
Fixes #8199
2014-08-15 11:04:27 -05:00
James Cammarata
600a4657b4
Catch error in atomic_move when creating temporary file
...
Fixes #8480
2014-08-14 13:26:24 -05:00
Lukas Wunner
f4053fcf3a
Only chown on atomic move if invoked as root
...
Linux and BSD derivatives do not allow unprivileged users to
"give away" files to others for security reasons. (System V
derivatives allow that but they're rare nowadays.)
2014-08-14 16:56:11 +02:00
Michael DeHaan
d0205b2878
Merge pull request #8500 from sivel/rax-de-dupe
...
rax: Move additional shared code into module utils
2014-08-08 12:33:35 -04:00
Michael DeHaan
8c4161d4a1
Merge branch 'retf_py' of git://github.com/berendt/ansible into devel
...
Conflicts:
lib/ansible/inventory/vars_plugins/group_vars.py
plugins/callbacks/mail.py
2014-08-08 12:17:37 -04:00
Bekim Berisha
5272e1099d
Keep docstring up to date with the code in basic module
2014-08-07 13:40:57 +02:00
Matt Martz
88acb48753
Add ANSIBLE_VERSION to module_utils/basic.py and manipulate the pyrax user-agent
2014-08-06 16:28:42 -05:00
James Cammarata
5d0bb33ede
Make run_command process communication smarter
...
The run_command module function will now poll stdout/stderr for
data rather than using the builtin command communicate(), which can
hang under certain circumstances.
Fixes #7452
Fixes #7748
Fixes #8163
2014-08-04 15:32:41 -05:00
Michael DeHaan
645ab7baff
Merge pull request #7950 from mesk41in/devel
...
Fix unsupported regexp parameter in assemble
2014-07-28 12:01:12 -04:00
Michael DeHaan
fb60e767a7
Taking alternate approach.
...
Revert "Fix hostname when get_distribution_version() returns a string."
This reverts commit 08f97c0b9d
.
2014-07-28 11:35:33 -04:00
Michael DeHaan
628d828876
Merge pull request #8087 from neersighted/string_version
...
Fix hostname when get_distribution_version() returns a string.
2014-07-28 11:24:58 -04:00
Michael DeHaan
630f080cf0
Start of unit tests for split_args function, moved split_args to utils since not needed by modules (so far).
2014-07-24 20:15:04 -04:00
Michael DeHaan
b5d64fdb36
Some notes/comment upgrades on split_args.
2014-07-24 16:34:06 -04:00
James Cammarata
43154e5101
Using custom splitting function for module param counting
2014-07-24 14:42:35 -05:00
James Cammarata
84759faa09
Security fixes:
...
* Strip lookup calls out of inventory variables and clean unsafe data
returned from lookup plugins (CVE-2014-4966)
* Make sure vars don't insert extra parameters into module args and prevent
duplicate params from superseding previous params (CVE-2014-4967)
2014-07-21 11:20:49 -05:00
Ruggero Marchei
909955f2e2
fix get_distribution_version() on amazon linux
2014-07-15 18:04:46 +02:00
Bjorn Neergaard
08f97c0b9d
Fix hostname when get_distribution_version() returns a string.
...
The distro version is a string ('jessie/sid') on Debian unstable and testing.
Because load_platform_subclass() evaluations every subclass as it loops,
comparing numbers when get_distribution_version() does not return a number will
break.
This patch fixes that by returning a number (`0`) when we have an invalid
version, instead of returning `None` or a string.
2014-07-10 11:27:03 -07:00
James Cammarata
81f35323e9
Revert "Fix get_distribution() for platforms that may have spaces"
...
This reverts commit 2493020d9f
.
2014-07-02 09:44:44 -05:00
mesk41in
488aec3936
Fix unsupported regexp parameter in assemble
2014-06-27 13:54:59 +04:00
James Cammarata
3c3c710a58
Merge branch 'module_safe_eval' into fix_lineinfile_newlines
2014-06-20 00:16:52 -05:00
James Cammarata
2493020d9f
Fix get_distribution() for platforms that may have spaces
...
The new CentOS 7 beta lists the distribution as "CentOS Linux", which
breaks the distribution detection and class loading. This patch fixes
that by taking just the first entry in the string when a space is
detected.
2014-06-18 13:10:39 -05:00
Ruggero Marchei
e3f5af377f
move get_distribution_version() to basic.py
2014-06-17 10:22:14 +02:00
James Cammarata
b4d130d086
Add a new password pattern to the run_command filter
2014-06-12 07:42:25 -05:00
James Cammarata
849b0f87ce
Fix error when using os.getlogin() without a tty
2014-06-03 09:36:19 -05:00
James Cammarata
e99df21647
Support checking for su user to atomic_move
...
Fixes #7553
2014-05-27 16:04:02 -05:00
James Cammarata
0ac74aaf59
Also set the environment variables when resetting the locale to C
2014-05-19 23:22:46 -05:00
James Cammarata
285d9878ae
Reset locale to 'C' if the specified one is invalid
...
Fixes #7448
2014-05-19 10:26:06 -05:00
James Cammarata
df877f2e79
Check module_path permissions when creating ssh_wrapper for git
...
If the module directory is not writable/executable to the current user
(most likely because of a sudo to a non-root user), the ssh_wrapper
will be created in the default location for mkstemp() calls. To facilitate
the deletion of these new files, a new mechanism for cleaning up files
created by the module was also added.
Fixes #7375
2014-05-14 21:22:22 -05:00
James Cammarata
56515a38d5
Only chown on atomic move if the uid/gid don't match the src/tmp file
...
This is a corner case for remote file systems that don't support
chown() and where the source and destination for the atomic_move
are on that remote file system.
Fixes #7372
2014-05-14 09:59:12 -05:00
Christian Berendt
6676720ce5
fixed typos found by RETF rules in PY files
...
rules are avaialble at https://en.wikipedia.org/wiki/Wikipedia:AutoWikiBrowser/Typos
2014-05-03 18:40:05 +02:00
James Cammarata
54b1f820fb
Modify the way we set the localization environment
...
Previously, we set the LANG (and LC_CTYPE) environment variables
directly in the module code and applied them with os.environ().
Instead, we are now pre-pending those variables to the environment
string used to execute the command which allows the user to
override the localization values by setting the environment values
directly (even on a per-task basis):
- subversion: repo=file:///path/to/repos/svn_über dest=/tmp/svntest
environment:
LANG: "C"
LC_CTYPE: "en_US.UTF-8"
So if a user wishes to default their LANG back to C, they can still
avoid unicode issues by doing the above.
Fixes #7060
2014-05-01 10:34:53 -05:00
Jiri Barton
9da06274a8
Set proper file permisions when a file is created with atomic_move
...
Fixes #7196
2014-04-29 08:41:22 -05:00
Michael DeHaan
9a6998aa17
While this code is unused, this remote module copy of this function should not be carried around in the source code.
2014-04-29 08:12:11 -04:00
James Cammarata
c115c34a1f
Set the default LANG to en_US.UTF-8 and also set LC_CTYPE
...
Fixes #6737
2014-04-22 00:48:32 -05:00
James Cammarata
68c30548e0
Properly catch and decode unicode strings in module _log_invocation()
...
Fixes #7084
2014-04-21 11:33:23 -05:00
James Cammarata
3715482d7c
Determine selinux context for NFS mount points correctly
...
Fixes #7009
2014-04-18 09:39:58 -05:00
James Cammarata
23c5f4524d
Make sure args in run_command are encoded for shlex.split calls on py2.6
2014-04-15 13:04:41 -04:00
James Cammarata
9ca8c3262c
Switch module safe_eval to ast.literal_eval
2014-04-08 09:05:07 -05:00
James Cammarata
82b24c162e
Adding delimiter fixes to action_plugin + fixing local assembling with a delimiter
...
Also added a new integration test for assemble using local assembly
with a delimiter.
2014-04-03 16:32:35 -05:00
Harlan Lieberman-Berg
876b8085aa
Add directory_mode to common file parameters to prevent errors.
2014-04-02 17:41:39 -04:00
Michael DeHaan
a6b25e8657
Allow type=list module arguments to accept integers and floats.
2014-03-28 11:19:49 -04:00
James Tanner
3194fbd365
Fixes #6655 catch unicode encoding errors before sending to syslog
2014-03-25 16:07:12 -04:00
James Cammarata
4ea12c1b86
Make sure stat of dest is available in atomic_move
...
Fixes #6682
2014-03-25 14:03:21 -05:00
Sébastien Gross
ef6b437d0d
Fix TypeError when using old simplejson lib.
...
On some very old simplejson does not support the 'encoding' and give
following exception:
TypeError: __init__() got an unexpected keyword argument 'encoding'
This fix runs json.dump with no encoding key (such as before #a023cb) on
TypeError exception only.
2014-03-25 14:50:29 +01:00
James Cammarata
db345391e3
Fixing ownership when atomic_move is creating a file while sudo'ing
...
Fixes #6647
2014-03-24 15:10:43 -05:00
James Cammarata
bb723bedee
Merge branch 'atomic_move_restore_owner_group_rebase' of https://github.com/tyll/ansible into tyll-atomic_move_restore_owner_group_rebase
2014-03-24 09:34:51 -05:00
Till Maas
898a38b074
module_utils/atomic_move(): Use tempfile module
...
Fix a potential race condition by using the tempfile module.
2014-03-20 12:34:19 +01:00
Till Maas
8f778a83df
module_utils/atomic_move(): Restore owner/group
...
Manually restore owner and group if both src and dest are on a separate
file system.
2014-03-20 12:34:19 +01:00
James Tanner
67517e96d3
Fixes #6567 put the git wrapper script in the module temp dir
2014-03-19 10:30:10 -04:00
James Cammarata
3f5440f7df
Make modules set a valid working directory
...
Fixes #6546
2014-03-18 10:37:52 -05:00
Brian Coca
2d25577e11
Fixes and cleanup to file functions and module
...
- unified set attribute functions ... not sure why 2 identical functions
exist with diff names, now there are 3 while i repoint all modules to 1
- fixed issue with symlinks being created w/o existing src when force=no
- refactored conditionals, simplified where possible
- added tests for symlink to nonexistant source, with both force options
- made symlink on existing attomic (force)
2014-03-15 13:54:24 -04:00
James Cammarata
a0cb974575
Be sure to return to the old directory if cwd is set in run_command
2014-03-13 16:24:29 -05:00
James Tanner
a348f67238
Reset the current directory after running subprocess.Popen
2014-03-13 17:15:23 -04:00
James Cammarata
677008bef7
Rejoin args list into a string for run_command when using an unsafe shell
...
This allows the use of an args list with leading environment variables,
which otherwise would fail due to the way Popen works.
2014-03-13 14:31:32 -05:00
James Cammarata
5233d4bc31
Fix typo in run_command when sending data that is not binary
2014-03-13 14:28:51 -05:00
James Cammarata
b1a37dcc08
Revert "Rejoin args list into a string for run_command when using an unsafe shell"
...
This reverts commit 4273cb2d8e
.
2014-03-13 14:04:51 -05:00
James Cammarata
4273cb2d8e
Rejoin args list into a string for run_command when using an unsafe shell
...
This allows the use of an args list with leading environment variables,
which otherwise would fail due to the way Popen works.
2014-03-13 13:51:59 -05:00
James Cammarata
303e085f8b
Only use cwd in run_command kwargs if the directory exists
2014-03-12 15:59:55 -05:00
James Cammarata
60a7f57300
Make sure the cwd exists in run_command before trying to use it
2014-03-12 14:33:31 -05:00
Dan Koch
bbf320fd22
Work around for cwd stat problems with run_command and sudo
...
This fixes issue #6443
2014-03-12 14:59:50 -04:00
Michael DeHaan
6d841d120e
Don't process shell commands as arrays.
2014-03-12 11:57:28 -04:00
Michael DeHaan
cfabc2e28a
module.run_command is intended to bypass the shell here, so can't do ">>"
2014-03-12 10:57:49 -04:00
Michael DeHaan
0b0ca95731
Expand environment variables and tildes passed to commands generically across the board.
2014-03-12 10:11:09 -04:00
James Tanner
ba0fec4f42
Force command action to not be executed by the shell unless specifically enabled
2014-03-10 16:13:30 -05:00
James Cammarata
9730157525
Validate SSL certs accessed through urllib*
...
* Adds another module utility file which generalizes the
access of urls via the urllib* libraries.
* Adds a new spec generator for common arguments.
* Makes the user-agent string configurable.
Fixes #6211
2014-03-10 16:06:52 -05:00
James Cammarata
2a0028e687
Sanitize run_command argument output
...
Fixes #6316
2014-03-06 13:34:22 -06:00
James Cammarata
3b2d409906
Fixing several bugs in assemble and updating tests
...
Bugfixes:
* the remote_src param was not being converted to a boolean correctly,
resulting in it never being used by the module as the default behavior
was remote_src=True (issue #5581 )
* the remote_src param was not listed in the generic file params, leading
to a failure when the above bug regarding remote_src was fixed
* the delimiter should always end with a newline to ensure that the file
fragments do not run together on one line
Fixes #5581
2014-02-24 14:27:23 -06:00
James Cammarata
b6222abee6
Fix unicode decode error in syslog for modules
...
Fixes #6056
2014-02-19 09:42:01 -05:00
Martin Thorsen Ranang
7e23ed345f
Avoid breaking on unicode input when logging to syslog in modules
...
After commit 254f87e
, non-ascii input broke logging to syslog.
2014-02-17 23:56:08 +01:00
James Cammarata
0cfaabf9cb
Make sure unicode params don't break logging in modules
2014-02-17 13:37:48 -06:00
James Cammarata
b8646991db
Filter out messages that match the pattern username:password@host
...
This filtering is done in both the module invocation logging and in
the regular verbose() logging output.
Fixes #4087
2014-02-13 14:23:49 -06:00
James Cammarata
254f87e7dd
Fix log handling of unicode output to syslog in modules
2014-02-12 11:27:52 -06:00
James Cammarata
a023cbce14
When using jsonify in modules, try several unicode encoding for dumps()
...
Fixes #4821
2014-02-11 14:19:40 -06:00
James Tanner
b3ab7e7885
Check mutually_exclusive parameters before applying defaults
2014-02-07 13:42:08 -05:00
James Cammarata
75e3b59bbd
Adding no_log: capability for tasks
...
Fixes #4088
2014-01-31 16:58:46 -06:00
willthames
31f5ecea60
Allow float as an argument type in AnsibleModule
2014-01-13 14:15:23 +10:00
jctanner
301a1189dd
Merge pull request #5122 from willthames/openlog_str
...
Make first argument to syslog.openlog be a string
2013-12-13 08:51:48 -08:00
Paulo Bittencourt
fc3597af5d
files/file: add support for symbolic permission modes
2013-12-09 04:32:36 +00:00
James Tanner
bf78d8cf73
Addresses #5090 setup module was using path.is_file instead of path.isfile
2013-12-05 11:36:54 -05:00
Will Thames
76aca4d547
Make first argument to syslog.openlog be a string
...
syslog.openlog expects its first argument to be a string.
Without this change running under ipython fails.
2013-12-02 19:11:27 +10:00
dragon3
d39e6fda92
hostname module: add support for Amazon Linux
2013-11-28 09:31:25 +09:00
James Tanner
74e7eba528
Fixes #4506 test length of context before checking invalid indexes
2013-11-08 13:17:02 -05:00
James Tanner
898de833b0
Merge pull request #4413 from jerm/ansible
...
Add capability to pass in a PATH prefix to run_command and allow pip module
to utilize that to make virtualenv bin/ available in pip installs
2013-11-07 15:51:27 -05:00
James Tanner
dc4d589ce0
Fixes #4767 detect hard links and set state in add_file_info
2013-11-01 09:41:22 -04:00
Michael DeHaan
b1b5280075
Reapply pep8 changes from previous revert.
2013-10-31 19:47:44 -04:00
Michael DeHaan
465f3b1c91
This allows type=dict in a module to allow passing in a real dict or JSON.
2013-10-31 18:46:13 -04:00
Michael DeHaan
d34a26e307
Undo an inadvertant revert from template changes so we still allow pythonic imports in module land.
2013-10-31 16:53:05 -04:00
James Tanner
d154bf8781
Revert templating enhancements from 73dbab70
e6c28658
d409352c
9858b1f2
4587528b
9b1fe455
214b0b05
8d3db803
7f9504d1
5031104c
35cb9dc2
2bd8cb57
1e85c754
2013-10-30 10:50:16 -04:00
Michael DeHaan
54c902f102
Identation + misc PEP8 fixes.
2013-10-26 11:18:11 -04:00
Michael DeHaan
9858b1f2f3
Enable imports to work on a snippet based system, allowing for instance a library of common EC2 functions
...
to be reused between modules. See library/system/service and library/system/ping for initial examples. Can
work the old way to just import 'basic', or can import the new way to import multiple pieces of code from
module_utils/.
2013-10-26 11:09:30 -04:00