1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/changelogs/fragments
David Hummel 7f96b7df60
nmcli: writing secrets to command line is a security hole (#3160)
* nmcli: use `stdin` for setting private `wifi_sec` options

I.E.:
* `802-11-wireless-security.leap-password`
* `802-11-wireless-security.psk`
* `802-11-wireless-security.wep-key0`
* `802-11-wireless-security.wep-key1`
* `802-11-wireless-security.wep-key2`
* `802-11-wireless-security.wep-key3`

* Changelog fragement formatting.

* Update changelogs/fragments/3160-pass-wifi-secrets-via-stdin-to-nmcli-module.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

* Make `wifi_sec_secret_options()` into a constant

* Minor cleanup

`'set ' + key + ' ' + value`
=>
`'set %s %s' % (key, value)`

* Change `casing`

* Change `WIFI_SEC_SECRET_OPTIONS` from `list` to `tuple`

* Update `edit_connection()` to not reset `edit_commands`

It will just re`set` them if `edit_connection()` is called more than 
once.

* Do not call `edit_connection()` if `connection_update(*)` fails

* Fixed `pep8` issue `E713` in tests

`test for membership should be 'not in'`

* Simplify `create_connection()`/`modify_connection()` logic

* `WIFI_SEC_SECRET_OPTIONS`=>`SECRET_OPTIONS`, options are prefixed

* Moved `if key in self.SECRET_OPTIONS` into `if value is not None` check

We don't need to do anything is the value is None

Co-authored-by: Felix Fontein <felix@fontein.de>
2021-08-08 18:35:52 +02:00
..
.keep Rename changelogs/fragments/.empty -> changelogs/fragments/.keep 2020-08-07 08:17:57 +02:00
1085-consul-acl-hcl-whitelist-update.yml 1085 updating the hcl whitelist to include all supported options (#2495) 2021-05-17 07:32:51 +02:00
1334-jenkins-plugin-fallback-urls.yaml Add fallback url for jenkins plugin (#1334) 2021-06-29 10:26:59 +04:30
1942_timezone.yml timezone: change warning to debug (#2789) 2021-06-14 18:22:01 +02:00
2126-consul_kv-pass-token.yml Wire token param into consul_api #2124 (#2126) 2021-06-05 22:38:42 +02:00
2284-influxdb_retention_policy-fix_duration_parsing.yml influxdb_retention_policy: fix duration parsing to support INF values (#2396) 2021-05-01 14:19:05 +02:00
2323-groupby_as_dict-filter.yml Add groupby_as_dict filter (#2323) 2021-05-13 21:49:57 +02:00
2334-redfish_config-skip-incorrect-attributes.yml modified redfish_config and idrac_redfish_config to skip incorrect attributes (#2334) 2021-05-11 19:30:09 +02:00
2337-mark-inventory-scripts-executable.yml Make inventory scripts executable (#2337) 2021-04-26 21:24:26 +02:00
2348-composer-no-interaction-option-discovery-to-avoid-hang.yaml composer: --no-interaction when discovering available options (#2348) 2021-05-01 18:23:14 +02:00
2355-spotinst_aws_elastigroup-list-elements.yml spotinst_aws_elastigroup - fixed elements for many lists (#2355) 2021-04-27 13:18:29 +02:00
2364-influxdb_user-first_user.yml influxdb_user: allow creation of first user with auth enabled (#2364) (#2368) 2021-05-17 21:00:35 +02:00
2369-lvol_size_bug_fixes.yml lvol - bug fix - Convert units to lowercase when using LVS or VGS command (#2369) 2021-05-03 21:25:52 +02:00
2373-svr4pkg-fix-typeerror.yml Fix #2373 - TypeError: a bytes-like object is required, not 'str' (#2375) 2021-05-03 07:25:08 +02:00
2383-influxdb_retention_policy-add-state-option.yml influxdb_retention_policy - add state argument to module spec (#2383) (#2385) 2021-05-12 17:33:27 +02:00
2393-module_helper-breakdown.yml module_helper.py Breakdown (#2393) 2021-05-11 19:31:10 +02:00
2407-puppet-change_stdout_to_console.yaml puppet - replace stdout with console in logdest option (#2407) 2021-05-03 07:26:47 +02:00
2409-nmcli_add_slave-type_bridge_to_nmcli_command_if_type_is_bridge-slave.yml nmcli: Add 'slave-type bridge' to nmcli command if type is bridge-slave (#2409) 2021-05-03 07:27:56 +02:00
2410-linode-improvements.yml linode - docs/validation changes + minor refactorings (#2410) 2021-05-12 17:37:31 +02:00
2411-snap-revamp-enabled-disabled-states.yml snap - revamp + implementing enabled/disabled states (#2411) 2021-05-17 14:03:15 +02:00
2416-nmcli_compare_mac_addresses_case_insensitively.yml nmcli: Compare MAC addresses case insensitively (#2416) 2021-05-03 07:28:53 +02:00
2417-nmcli_remove_dead_code.yml nmcli: Remove dead code, 'options' never contains keys from 'param_alias' (#2417) 2021-05-11 19:35:30 +02:00
2430-linodev4-error-message.yml linode_v4 - fixed error message (#2430) 2021-05-03 13:27:16 +02:00
2435-one_vm-fix_missing_keys.yml OpenNebula one_vm.py: Fix missing keys (#2435) 2021-05-04 12:21:55 +02:00
2448-stackpath_compute-fix.yml fix stackpath_compute validate_config (#2448) 2021-05-09 22:25:00 +02:00
2450-gitlab_user-add_expires_at_option.yaml gitlab_user: add expires_at option (#2450) 2021-05-14 10:00:59 +02:00
2454-detect_zfs_changed.yml Avoid incorrectly marking zfs tasks as changed (#2454) 2021-05-10 17:55:19 +02:00
2461-ovirt4-fix-configparser.yml ovir4 inventory script (#2461) 2021-05-22 13:34:19 +02:00
2472_filesystem_module_revamp.yml filesystem: revamp module (#2472) 2021-05-18 06:46:45 +02:00
2485-java_keystore-ssl_backend-parameter.yml java_keystore: New ssl_backend option for cryptography (#2485) 2021-05-14 22:31:44 +02:00
2499-influxdb_user-fix-multiple-no-privileges.yml Update influxdb_user.py Fixed Multiple No Privileges (#2499) 2021-05-17 07:33:40 +02:00
2500-passwordstore-add_option_ignore_missing.yml Add option missing to passwordstore lookup (#2500) 2021-05-17 13:50:40 +02:00
2510-jenkins_plugin_use_post_method.yml jenkins_plugin: HTTP Error 405: Method Not Allowed on disable/enable plugin #2510 (#2511) 2021-05-26 07:00:53 +02:00
2514-mh-improved-changed.yml ModuleHelper - better mechanism for customizing "changed" behaviour (#2514) 2021-05-17 20:28:21 +02:00
2516_fix_2515_keystore_type_jks.yml java_keystore: fix keystore type (#2516) 2021-06-27 14:56:43 +02:00
2517-cmd-params-from-vars.yml ModuleHelper - cmd params now taken from self.vars instead of self.module.params (#2517) 2021-05-17 22:44:00 +02:00
2518-nmap-fix-cache-disabled.yml fix error when cache is disabled (#2518) 2021-05-17 07:35:15 +02:00
2520-connection-refactors.yml Cleanup connections plugins (#2520) 2021-05-16 13:24:37 +02:00
2521-flatpak-list.yml flatpak - allow to add/remove multiple flatpaks at once (#2521) 2021-06-17 08:00:49 +02:00
2524-pacman_add_bin_option.yml pacman: add 'executable' option to use an alternative pacman binary (#2524) 2021-05-18 12:59:11 +02:00
2525-iptables_state-fix-initialization-command.yml iptables_state: fix per-table initialization command (#2525) 2021-05-18 11:51:37 +02:00
2526-java_keystore-password-via-stdin.yml java_keystore: pass in secret to keytool via stdin (#2526) 2021-05-17 20:05:24 +02:00
2540-zfs-delegate-choices.yml zfs_delegate_admin: drop choices from permissions (#2540) 2021-05-17 18:55:00 +02:00
2556-add-comment_visibility-parameter-for-comment-operation-of-jira-module.yml Add comment_visibility parameter for comment operation for jira module (#2556) 2021-05-20 22:06:00 +02:00
2557-cloud-misc-refactor.yml minor refactors on plugins/modules/cloud/misc (#2557) 2021-05-27 19:13:21 +02:00
2560-java_cert-pkcs12-alias-bugfix.yml java_cert - fix incorrect certificate alias on pkcs12 import (#2560) 2021-05-22 13:33:27 +02:00
2564-mh-cmd-process-output.yml ModuleHelper: CmdMixin custom function for processing cmd results (#2564) 2021-05-20 19:43:16 +02:00
2568-ssh_config-reduce-stormssh-searches-based-on-host.yml Reduce stormssh searches based on host (#2568) 2021-06-05 14:53:02 +02:00
2571-rhsm_release-fix-release_matcher.yaml rhsm_release: Fix the issue that rhsm_release module considers 8, 7Client and 7Workstation as invalid releases (#2571) 2021-05-24 21:59:52 +02:00
2573-terraform-overwrite-init.yml Terraform overwrite init (#2573) 2021-05-27 19:03:39 +02:00
2578-ini-file-utf8-bom.yml ini_file - opening file as utf-8-sig (#2578) 2021-05-22 22:20:37 +02:00
2579-redis-cache-ipv6.yml redis cache - better parsing of connection uri (#2579) 2021-05-26 07:07:09 +02:00
2590-netcup_dns-exception-no-message-attr.yml Use str() to get exception message (#2590) 2021-05-25 12:58:20 +02:00
2614-influxdb_user-fix-issue-introduced-in-PR#2499.yml influxdb_user: Fix bug introduced by PR 2499 (#2614) 2021-05-27 08:01:28 +02:00
2616-archive-exclusion_patterns-option.yml archive - Adding exclusion_patterns option (#2616) 2021-05-31 07:51:29 +02:00
2632-cleanup.yml meta/runtime.yml and __init__.py cleanup (#2632) 2021-05-27 18:49:26 +02:00
2634-terraform-switch-workspace.yml Terraform: ensure workspace is reset to current value (#2634) 2021-06-04 19:12:29 +02:00
2635-nmcli-add-ignore-auto-arguments.yml nmcli: new arguments to ignore automatic dns servers and gateways (#2635) 2021-06-01 22:04:09 +02:00
2648-proxmox_kvm-fix-vmid-return-value.yml proxmox_kvm - Fixed vmid result when VM with name exists (#2648) 2021-05-29 09:00:12 +02:00
2650-composer-add_composer_executable.yml composer: add composer_executable (#2650) 2021-05-28 12:49:29 +02:00
2661-maven_artifact-add-sha1-option.yml Added SHA1 option to maven_artifact (#2662) 2021-06-01 22:06:26 +02:00
2671-fix-broken-query-of-async_status-result.yml iptables_state: fix broken query of async_status result (#2671) 2021-05-29 10:50:24 +02:00
2681-stacki-host-bugfix.yml Bugfix + sanity checks for stacki_host (#2681) 2021-06-07 07:58:26 +02:00
2684-open_iscsi-single-target-multiple-portal-overrides.yml open_iscsi: allow same target selected portals login and override (#2684) 2021-06-05 22:40:49 +02:00
2691-gitlab_user-support-identity-provider.yml gitlab_user: add support for identity provider (#2691) 2021-06-21 21:32:07 +02:00
2711-fix-iptables_state-2700-async_status-call.yml iptables_state: fix async status call (-> action plugin) (#2711) 2021-06-06 08:20:52 +02:00
2722-zypper_repository-fix_idempotency_on_adding_repo_with_releasever.yml zypper_repository: fix idempotency on adding repo with releasever and basearch variables (#2722) 2021-06-08 08:23:32 +02:00
2731-mh-cmd-locale.yml ModuleHelper - also uses LC_ALL to force language (#2731) 2021-06-07 13:06:23 +02:00
2732-nmcli_add_options.yml Nmcli add options (#2732) 2021-06-19 14:42:05 +02:00
2735-onepassword-add_domain_option.yml Add domain option to onepassword lookup (#2735) 2021-06-08 11:41:21 +02:00
2751-flatpak-no_dependencies.yml flatpak: add tests in CI, add no_dependencies parameter (#2751) 2021-06-08 08:46:20 +02:00
2771-scaleway_inventory_json_accept_byte_array.yml [scaleway inventory] Fix JSON object must be str, not 'bytes' (#2771) 2021-06-11 13:05:29 +02:00
2774-datadog_event_api_parameter.yml datadog_event : Adding api_host as an optional parameter (#2775) 2021-06-17 19:05:35 +02:00
2779_redhat_subscription-add_server_prefix_and_server_port.yml redhat_subscription: Add server_prefix and server_port as supported arguments (#2779) 2021-06-16 11:31:54 +04:30
2787-yum_versionlock-fix_idempotency_when_using_wildcard.yml yum_versionlock: fix idempotency when using wildcard (asterisk) (#2787) 2021-06-27 16:40:49 +02:00
2790-callback_splunk-batch-option.yml callback_splunk - Add user-configurable event correlation id (#2790) 2021-06-16 22:28:09 +04:30
2816-archive-refactor.yml archive - refactor and bugfix (#2816) 2021-06-24 13:33:10 +02:00
2821-ipa_sudorule.yml fix sudorule_add_allow_command_group (#2821) 2021-06-17 19:08:42 +02:00
2824-gitlab_project-project-under-user.yml gitlab_project - Add ability to create project under a user (#2824) 2021-06-27 18:39:41 +04:30
2827-nmcli_fix_team_slave.yml [nmcli] add connection.slave-type for teamed devices (#2827) 2021-06-28 20:46:44 +02:00
2830-npm-version-update.yml npm - fix updating version specific modules (#2830) 2021-06-18 22:08:46 +02:00
2841-proxmox_kvm_zfs_devstr.yml proxmox_kvm: Fix ZFS device string parsing (#2841) 2021-06-20 12:42:19 +02:00
2843-modprobe-failure-conditions.yml modprobe - fix task status when module cannot be loaded (#2843) 2021-06-26 23:27:41 +12:00
2844-ali_instance_info-deprecate-params.yml ali_instance_info - marked parameters for deprecation in c.g. 5.0.0 (#2844) 2021-06-20 13:17:58 +02:00
2845-serverless-deprecate-functions-param.yml serverless - deprecating unused param (#2845) 2021-06-20 13:07:45 +02:00
2850-jenkins_build-support-stop-jenkins-build.yml jenkins_build: Support stop a running Jenkins build (#2850) 2021-06-23 23:29:50 +02:00
2867-redis-terminology.yml Redis: slave -> replica (#2867) 2021-06-24 22:33:29 +02:00
2874-terraform-check-destroy.yml terraform - added check_destroy (#2874) 2021-06-27 12:38:04 +02:00
2875-ini_file-unicode.yml ini_file: fix regression reported in #2578 (#2875) 2021-06-27 10:00:01 +02:00
2878-validate-certs-bool.yml Add option type validation. (#2878) 2021-06-27 09:57:51 +02:00
2881-gitlab_project-fix_workspace_user.yaml Fix/gitlab project user workspace (#2881) 2021-06-27 16:31:06 +04:30
2883-_mount-fixed-sanity-checks.yml _mount module utils - fixed sanity checks (#2883) 2021-06-27 09:39:08 +02:00
2901-nmcli_teaming.yml [nmcli] add runner and runner-hwaddr-policy for network teaming (#2901) 2021-07-14 08:24:27 +02:00
2902-filesystem_extend_freebsd_support.yml filesystem: extend support for FreeBSD (#2902) 2021-07-10 16:37:31 +02:00
2904-fix-bug-when-2-identical-executions-in-same-auth-flow.yml Fix bug when 2 identical executions in same auth flow (#2904) 2021-06-30 15:01:17 +02:00
2912-snap-module-helper.yml Fix snap module, and module helper behavior on rc != 0 in output (#2912) 2021-07-01 18:53:48 +02:00
2913-archive-dest_state.yml archive - adding dest_state return value and enhancing integration tests. (#2913) 2021-07-10 12:58:30 +02:00
2918-snap-param-order.yml snap - fixed param order (#2918) 2021-07-03 16:31:30 +02:00
2922-mh-cmd-output-feature-flag.yml module_helper cmd - added feature flag to control whether CmdMixin adds rc, out and err t… (#2922) 2021-07-11 11:43:40 +12:00
2923-archive-remove-bugfix.yml archive - fix removal failures for nested files with tar archives (#2923) 2021-07-02 21:30:40 +02:00
2924-npm-fix-package-json.yml npm - fix installing from package.json (#2924) 2021-07-02 21:42:50 +02:00
2935-lvol-support_check_mode_thinpool.yml lvol: honor check_mode on thinpool (#2935) 2021-07-05 20:46:19 +02:00
2936-pacman-fix_changed_status_when_ignorepkg_has_been_defined.yml pacman: fix changed status when ignorepkg has been defined (#2936) 2021-07-06 22:06:36 +02:00
2946-python-dnsimple-v2-rewrite.yml dnsimple update for python-dnsimple >=2.0.0 (#2946) 2021-08-04 08:36:45 +02:00
2948-jenkins_job_info-remove_necessities_on_password_or_token.yml jenkins_job_info: Remove necessities of password or token. (#2948) 2021-07-09 08:32:46 +02:00
2949-add_authentication-flow-binding_keycloak-client.yml Add option to the keycloak_client module (#2949) 2021-07-09 08:33:35 +02:00
2951-mh-vars-deepcopy.yml MH - dicts and lists change-tracking is fixed (#2951) 2021-07-08 07:20:01 +02:00
2955-rax_mon_notification_plan-added-elements-to-list-params.yaml rax_mon_notification_plan - fixed validation check (#2955) 2021-07-10 13:05:20 +02:00
2958-datadog_monitor_support_composites.yml feat: support datadog_monitor composite type (#2958) 2021-07-10 19:24:09 +02:00
2960-launchd-validation-check.yaml launchd - fixed validation check (#2960) 2021-07-10 13:03:41 +02:00
2963-improve-diff-mode-on-keycloak_authentication.yml Keycloak: Improve diff mode on keycloak_authentication module (#2963) 2021-07-13 06:57:16 +02:00
2967-proxmox_inventory-offline-node-fix.yml proxmox inventory - fix parsing for offline nodes (#2967) 2021-07-10 16:39:51 +02:00
2987-archive-stage-idempotency-fix.yml archive - staging idempotency fix (#2987) 2021-07-19 08:14:23 +02:00
2989-pamd-single-line.yaml pamd - fixed single line issue (#2989) 2021-07-14 13:04:35 +02:00
3001-enhance_gitlab_module.yml Feature/gitlab project configuration (#3002) 2021-07-19 11:52:32 +02:00
3006-redfish_command-bootoverride-argument-check.yaml Redfish Bootoverride Disable behaves incorrectly (#3006) 2021-07-16 19:02:34 +02:00
3028-snap-channel.yml Fix snap's channel option. (#3028) 2021-07-19 13:36:59 +12:00
3034-promox-kvm-return-new-id.yaml Succesful clone from proxmox_kvm should return new vm id, not id from cloned vm. (#3034) 2021-07-26 06:33:01 +02:00
3036-archive-root-path-fix.yml archive - fixing determination of archive root when root is '/' (#3036) 2021-07-24 22:10:56 +02:00
3038-enhance_github_repo_api_url.yml github_repo: support GitHub on premise installations (#3039) 2021-07-22 16:55:09 +02:00
3041-fix_gitlab_group_members_gitlab_project_mambers.yml gitlab_group_members/gitlab_project_members - fix pagination issue (#3054) 2021-07-24 21:13:09 +02:00
3044-proxmox-inventory-snapshots.yml Proxmox inventory: Added snapshots fact (#3044) 2021-07-22 22:55:07 +02:00
3049-xfconf-deprecate-get.yaml xfconf - deprecate get state in favour of the xfconf_info module (#3049) 2021-07-25 11:14:30 +02:00
3052_proxmox_inventory_plugin.yml proxmox inventory plugin: Easy fix (#3052) 2021-07-24 20:40:08 +02:00
3067-taiga-bugfix.yaml taiga_issue - bugfix + pythonification (#3067) 2021-07-25 22:03:45 +02:00
3068-supervisorctl-bugfix.yaml supervisorctl - bugfix + using ansible validation + pythonification (#3068) 2021-07-25 22:04:23 +02:00
3074-ini_file-3031-empty-value-inconsistency.yml ini_file: fix empty-value vs. no-value inconsistency (#3074) 2021-08-08 18:34:34 +02:00
3079-report-power-state-hpilo.yaml Feature: implement hpilo_info system power info (#3079) 2021-07-31 17:43:45 +12:00
3080-java_cert-2460-import_private_key.yml java_cert: import certificate+key bundle from pkcs12 (#3080) 2021-07-26 11:42:13 +02:00
3081-add-wifi-option-to-nmcli-module.yml nmcli: Add support for additional Wi-Fi network options (#3081) 2021-08-04 08:16:11 +02:00
3084-info-checkmode.yaml added supports_check_mode=True to info/facts modules (#3084) 2021-07-27 18:24:29 +02:00
3092-gunicorn-refactor.yaml gunicorn - minor refactoring (#3092) 2021-07-28 08:43:09 +02:00
3093-ejabberd_user-refactor.yaml ejabberd_user - refactoring and simplification (#3093) 2021-07-28 07:49:37 +02:00
3098-django_manage-cmd-list.yaml django_manage - using list instead of string in run_command() (#3098) 2021-07-28 08:22:18 +02:00
3104-deploy_helper-required_if.yaml deploy_helper - changed in-code condition to required_if (#3104) 2021-07-29 07:49:52 +02:00
3106-apache2_module-review.yaml apache2_module - multiple improvements (#3106) 2021-07-30 18:07:38 +02:00
3125-hana-query-userstore.yaml Hana query userstore (#3125) 2021-08-05 22:42:43 +02:00
3132-nmcli-dummy.yaml nmcli: manage dummy connections (#3132) 2021-08-05 14:25:42 +02:00
3135-add-redfish_command-bootoverridemode.yaml redfish_command: allow setting the BootSourceOverrideMode property (#3135) 2021-08-04 19:53:43 +02:00
3136-add-wifi-sec-change-detection-to-nmcli-module.yml nmcli: Fix change detection for Wi-Fi security options (#3136) 2021-08-07 15:20:44 +02:00
3139-tss-lookup-plugin-update-to-make-compatible-with-sdk-v1.yml Updated the tss lookup plugin to reflect breaking changes introduced in the underpinning SDK (#3139) 2021-08-05 19:28:32 +02:00
3160-pass-wifi-secrets-via-stdin-to-nmcli-module.yml nmcli: writing secrets to command line is a security hole (#3160) 2021-08-08 18:35:52 +02:00
ansible-core-_text.yml Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877) 2021-06-26 23:59:11 +02:00
gem_module_add_bindir_option.yml gem_module: Add bindir option (#2837) 2021-06-21 19:53:03 +12:00
ipaddress.yml Remove vendored ipaddress module. (#2441) 2021-05-05 12:31:01 +02:00
json_query_more_types.yml json_query, no more 'unknown type' errors (#2607) 2021-05-25 13:04:19 +02:00
keycloak-realm-no-log-password-reset.yml keycloak_realm.py: Mark 'reset_password_allowed' as no_log=False (#2694) 2021-06-03 21:42:05 +02:00
keycloak_realm_ssl_required.yml keycloak_realm.py: Fix the ssl_required parameter according to the API (#2693) 2021-06-03 21:44:54 +02:00
nios-deprecation.yml Deprecate nios content (#2458) 2021-05-13 21:50:40 +02:00
pkgin-output-after-error.yml pkgin: display stdout and stderr in case the error occurs (#3148) 2021-08-06 10:01:05 +02:00
remove-scripts.yml Remove inventory and vault scripts (#2696) 2021-06-19 15:06:58 +02:00