From 898a38b074f2561d19059315030b2b5da68a4f34 Mon Sep 17 00:00:00 2001 From: Till Maas Date: Thu, 20 Mar 2014 11:12:58 +0100 Subject: [PATCH] module_utils/atomic_move(): Use tempfile module Fix a potential race condition by using the tempfile module. --- lib/ansible/module_utils/basic.py | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/lib/ansible/module_utils/basic.py b/lib/ansible/module_utils/basic.py index c589f92612a..e8e983e3057 100644 --- a/lib/ansible/module_utils/basic.py +++ b/lib/ansible/module_utils/basic.py @@ -55,6 +55,7 @@ import types import time import shutil import stat +import tempfile import traceback import grp import pwd @@ -972,24 +973,25 @@ class AnsibleModule(object): dest_dir = os.path.dirname(dest) dest_file = os.path.basename(dest) - tmp_dest = "%s/.%s.%s.%s" % (dest_dir,dest_file,os.getpid(),time.time()) + tmp_dest = tempfile.NamedTemporaryFile( + prefix=".ansible_tmp", dir=dest_dir, suffix=dest_file) try: # leaves tmp file behind when sudo and not root if os.getenv("SUDO_USER") and os.getuid() != 0: # cleanup will happen by 'rm' of tempdir # copy2 will preserve some metadata - shutil.copy2(src, tmp_dest) + shutil.copy2(src, tmp_dest.name) else: - shutil.move(src, tmp_dest) + shutil.move(src, tmp_dest.name) if self.selinux_enabled(): self.set_context_if_different( - tmp_dest, context, False) + tmp_dest.name, context, False) # Reset owners, they are not preserved by shutil.copy2(), which # is what shutil.move() falls back to. - os.chown(tmp_dest, st.st_uid, st.st_gid) - os.rename(tmp_dest, dest) + os.chown(tmp_dest.name, st.st_uid, st.st_gid) + os.rename(tmp_dest.name, dest) except (shutil.Error, OSError, IOError), e: - self.cleanup(tmp_dest) + self.cleanup(tmp_dest.name) self.fail_json(msg='Could not replace file: %s to %s: %s' % (src, dest, e)) if self.selinux_enabled():