mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
97c72f88b7
* Use visudo to validate sudoers rules before use
* Replace use of subprocess.Popen with module.run_command
* Switch out apt for package
* Check file mode when verifying file to determine whether something needs to change
* Only install sudo package for debian and redhat environments (when testing)
* Attempt to install sudo on FreeBSD too
* Try just installing sudo for non-darwin machines
* Don't validate file ownership
* Attempt to install sudo on all platforms
* Revert "Attempt to install sudo on all platforms"
This reverts commit b9562a8916.
* Remove file permissions changes from this PR
* Add changelog fragment for 4794 sudoers validation
* Add option to control when sudoers validation is used
* Update changelog fragment
Co-authored-by: Felix Fontein <felix@fontein.de>
* Add version_added to validation property
Co-authored-by: Felix Fontein <felix@fontein.de>
* Also validate failed sudoers validation error message
Co-authored-by: Felix Fontein <felix@fontein.de>
* Make visudo not executable instead of trying to delete it
* Update edge case validation
* Write invalid sudoers file to alternative path to avoid breaking sudo
* Don't try to remove or otherwise modify visudo on Darwin
* Update plugins/modules/system/sudoers.py
Co-authored-by: Felix Fontein <felix@fontein.de>
* Remove trailing extra empty line to appease sanity checker
Co-authored-by: Felix Fontein <felix@fontein.de>
2 lines
279 B
YAML
2 lines
279 B
YAML
minor_changes:
|
|
- sudoers - will attempt to validate the proposed sudoers rule using visudo if available, optionally skipped, or required (https://github.com/ansible-collections/community.general/pull/4794, https://github.com/ansible-collections/community.general/issues/4745).
|