1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins
patchback[bot] d0b39271b3
Sudoers validate (#4794) (#4866)
* Use visudo to validate sudoers rules before use

* Replace use of subprocess.Popen with module.run_command

* Switch out apt for package

* Check file mode when verifying file to determine whether something needs to change

* Only install sudo package for debian and redhat environments (when testing)

* Attempt to install sudo on FreeBSD too

* Try just installing sudo for non-darwin machines

* Don't validate file ownership

* Attempt to install sudo on all platforms

* Revert "Attempt to install sudo on all platforms"

This reverts commit b9562a8916.

* Remove file permissions changes from this PR

* Add changelog fragment for 4794 sudoers validation

* Add option to control when sudoers validation is used

* Update changelog fragment

Co-authored-by: Felix Fontein <felix@fontein.de>

* Add version_added to validation property

Co-authored-by: Felix Fontein <felix@fontein.de>

* Also validate failed sudoers validation error message

Co-authored-by: Felix Fontein <felix@fontein.de>

* Make visudo not executable instead of trying to delete it

* Update edge case validation

* Write invalid sudoers file to alternative path to avoid breaking sudo

* Don't try to remove or otherwise modify visudo on Darwin

* Update plugins/modules/system/sudoers.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Remove trailing extra empty line to appease sanity checker

Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 97c72f88b7)

Co-authored-by: Jon Ellis <ellis.jp@gmail.com>
2022-06-21 12:52:21 +02:00
..
action/system Replace symlinks with meta/runtime.yml redirects. (#4562) 2022-04-26 20:33:13 +02:00
become Update BOTMETA, fix some plugin authors, improve BOTMETA extra sanity test (#3069) 2021-07-26 11:44:41 +02:00
cache [5.0.0] Remove Ansible 2.9 / ansible-base 2.10 compatibility code (#4548) 2022-04-26 11:51:01 +02:00
callback Clarify ansible_pre_command_output (#4636) 2022-05-08 08:45:55 +02:00
connection Get rid of distutils.spawn and distutils.util (#3934) 2022-01-04 06:56:28 +01:00
doc_fragments Add simplified_bsd.txt license file (#4759) (#4761) 2022-06-02 08:01:53 +02:00
filter Rename single-filter plugins so that the filename equals the filter name. (#4625) 2022-05-05 08:03:49 +02:00
inventory Added conditional to only collect qmpstatus on qemu VMs (#4816) (#4817) 2022-06-11 13:55:15 +02:00
lookup passwordstore: Make compatible with shims (#4780) (#4846) 2022-06-15 10:57:52 +02:00
module_utils redfish_command: VirtualMediaInsert does not work with Supermicro (#4839) (#4863) 2022-06-20 19:29:52 +02:00
modules Sudoers validate (#4794) (#4866) 2022-06-21 12:52:21 +02:00
test Document all filter and test plugins (#4597) 2022-05-02 07:25:45 +02:00