1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/changelogs/fragments
Jon Ellis 97c72f88b7
Sudoers validate (#4794)
* Use visudo to validate sudoers rules before use

* Replace use of subprocess.Popen with module.run_command

* Switch out apt for package

* Check file mode when verifying file to determine whether something needs to change

* Only install sudo package for debian and redhat environments (when testing)

* Attempt to install sudo on FreeBSD too

* Try just installing sudo for non-darwin machines

* Don't validate file ownership

* Attempt to install sudo on all platforms

* Revert "Attempt to install sudo on all platforms"

This reverts commit b9562a8916.

* Remove file permissions changes from this PR

* Add changelog fragment for 4794 sudoers validation

* Add option to control when sudoers validation is used

* Update changelog fragment

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add version_added to validation property

Co-authored-by: Felix Fontein <felix@fontein.de>

* Also validate failed sudoers validation error message

Co-authored-by: Felix Fontein <felix@fontein.de>

* Make visudo not executable instead of trying to delete it

* Update edge case validation

* Write invalid sudoers file to alternative path to avoid breaking sudo

* Don't try to remove or otherwise modify visudo on Darwin

* Update plugins/modules/system/sudoers.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Remove trailing extra empty line to appease sanity checker

Co-authored-by: Felix Fontein <felix@fontein.de>
2022-06-21 12:41:24 +02:00
..
.keep Rename changelogs/fragments/.empty -> changelogs/fragments/.keep 2020-08-07 08:17:57 +02:00
4520-xfconf-deprecate-disable-facts.yml [6.0.0] xfconf - deprecate parameter disable_facts (#4520) 2022-05-17 19:26:06 +02:00
4654-alternatives-add-subcommands.yml Add subcommands parameter for module alternatives. (#4654) 2022-06-06 10:33:39 +02:00
4674-use-mh-raise.yaml Multiple modules using ModuleHelper (#4674) 2022-05-23 07:19:24 +02:00
4682-compatibility-virtualmedia-resource-location.yaml Update lenovoxcc module for compatibility with the virtualMedia resource location from Manager to System (#4682) 2022-05-18 07:24:27 +02:00
4700-code-changes.yml Add RHEL 9.0, FreeBSD 13.1, Ubuntu 22.04 and Fedora 36 to CI, fix bug in filesystem module (#4700) 2022-05-22 17:20:30 +02:00
4712-consul-bugfix.yaml consul: applied bugfix from issue (#4712) 2022-05-23 07:22:15 +02:00
4719-fix-keycloak-realm.yaml keycloak_realm: fix default groups and roles (#4241) (#4719) 2022-05-30 12:48:06 +02:00
4724-proxmox-qemu-extend.yaml Proxmox Inventory: added new statuses for qemu (#4723) 2022-06-04 09:15:02 +02:00
4726-zfs.yml Fix quoting bug in zfs. (#4726) 2022-05-28 21:38:30 +02:00
4733-redis-fail.yml fix invalid fail_json call (#4733) 2022-05-30 08:03:25 +02:00
4736-cmd-runner-skip-if-check.yml cmd_runner: added flag check_mode_skip to context (#4736) 2022-06-04 09:13:37 +02:00
4740-puppet-feature.yaml Add puppet confdir option (#4740) 2022-06-06 10:32:20 +02:00
4746-add-vpn-support-nmcli.yaml add support to create L2TP and PPTP VPN connection (#4746) 2022-06-06 21:16:27 +02:00
4752-ansible-galaxy-install-mh-updates.yml ansible_galaxy_install: minor improvements based on MH updates (#4752) 2022-06-04 09:14:17 +02:00
4755-mhexception-improvement.yml ModuleHelperException module utils - improved exception initialization (#4755) 2022-06-06 10:30:55 +02:00
4776-xfconf-cmd-runner.yaml xfconf module utils: providing a cmd_runner object (#4776) 2022-06-06 10:38:46 +02:00
4777-cmd-runner-deprecate-fmt.yaml cmd_runner: deprecate fmt as the name for the format class (#4777) 2022-06-05 18:37:59 +02:00
4780-passwordstore-wrapper-compat.yml passwordstore: Make compatible with shims (#4780) 2022-06-15 08:08:04 +02:00
4791-cmd-runner-callable.yaml cmd_runner: add __call__ method to invoke context (#4791) 2022-06-15 08:06:26 +02:00
4794-sudoers-validation.yml Sudoers validate (#4794) 2022-06-21 12:41:24 +02:00
4809-redhat_subscription-unsubscribe.yaml redhat_subscription: call 'remove' instead of 'unsubscribe' (#4809) 2022-06-14 07:26:38 +02:00
4810-alternatives-bug.yml alternatives: Fix bug with priority default (#4810) 2022-06-13 21:40:02 +02:00
4813-fix-nmcli-convert-list.yaml nmcli: do not convert undefined lists to empty strings (#4813) 2022-06-13 11:56:10 +02:00
4814-sudoers-file-permissions.yml Ensure managed sudoers config files have 0440 permissions (#4814) 2022-06-12 08:17:56 +02:00
4816-proxmox-fix-extended-status.yaml Added conditional to only collect qmpstatus on qemu VMs (#4816) 2022-06-11 13:46:17 +02:00
4836-alternatives.yml Fix alternatives module (#4836) 2022-06-14 16:02:31 +02:00
4839-fix-VirtualMediaInsert-Supermicro.yml redfish_command: VirtualMediaInsert does not work with Supermicro (#4839) 2022-06-20 19:13:31 +02:00
4852-sudoers-state-absent.yml sudoers: fix handling of state: absent (#4852) (#4853) 2022-06-19 15:34:24 +02:00
psf-license.yml Add PSF-license.txt for plugins/module_utils/_mount.py (#4847) 2022-06-17 08:21:34 +02:00
simplified-bsd-license.yml Add simplified_bsd.txt license file (#4759) 2022-06-02 07:30:06 +02:00