@ -126,7 +126,8 @@ def enforce_state(module, params):
# We will change state if found==True & state!="present"
# or found==False & state=="present"
# i.e found XOR (state=="present")
#Alternatively, if replace is true (i.e. key present, and we must change it)
# Alternatively, if replace is true (i.e. key present, and we must change
# it)
if module.check_mode:
module.exit_json(changed=replace_or_add or (state == "present") != found,
diff=params['diff'])
@ -147,8 +148,7 @@ def enforce_state(module, params):
if e.errno == errno.ENOENT:
inf = None
else:
module.fail_json(msg="Failed to read %s: %s" % \
(path,str(e)))
module.fail_json(msg="Failed to read %s: %s" % (path, str(e)))
try:
outf = tempfile.NamedTemporaryFile(mode='w+', dir=os.path.dirname(path))
if inf is not None:
@ -163,8 +163,7 @@ def enforce_state(module, params):
module.atomic_move(outf.name, path)
except (IOError, OSError):
e = get_exception()
module.fail_json(msg="Failed to write to file %s: %s" % \
(path,str(e)))
module.fail_json(msg="Failed to write to file %s: %s" % (path, str(e)))
try:
outf.close()
@ -175,6 +174,7 @@ def enforce_state(module, params):
return params
def sanity_check(module, host, key, sshkeygen):
'''Check supplied key is sensible
@ -198,11 +198,11 @@ def sanity_check(module,host,key,sshkeygen):
outf.flush()
except IOError:
e = get_exception()
module.fail_json(msg="Failed to write to temporary file %s: %s" % \
module.fail_json(msg="Failed to write to temporary file %s: %s" %
(outf.name, str(e)))
rc,stdout,stderr=module.run_command([sshkeygen,'-F',host,
'-f',outf.name],
check_rc=True)
sshkeygen_command = [sshkeygen, '-F', host, '-f', outf.name]
rc, stdout, stderr = module.run_command(sshkeygen_command, check_rc=True)
try:
outf.close()
except:
@ -211,6 +211,7 @@ def sanity_check(module,host,key,sshkeygen):
if stdout == '': # host not found
module.fail_json(msg="Host parameter does not match hashed host field in supplied key")
def search_for_host_key(module, host, key, hash_host, path, sshkeygen):
'''search_for_host_key(module,host,key,path,sshkeygen) -> (found,replace_or_add,found_line)
@ -229,8 +230,7 @@ def search_for_host_key(module, host, key, hash_host, path, sshkeygen):
# openssh >=6.4 has changed ssh-keygen behaviour such that it returns
# 1 if no host is found, whereas previously it returned 0
rc,stdout,stderr=module.run_command(sshkeygen_command,
check_rc = False)
rc, stdout, stderr = module.run_command(sshkeygen_command, check_rc=False)
if stdout == '' and stderr == '' and (rc == 0 or rc == 1):
return False, False, None, key # host not found, no other errors
if rc != 0: # something went wrong
@ -275,6 +275,7 @@ def search_for_host_key(module, host, key, hash_host, path, sshkeygen):
# No match found, return found and replace, but no line
return True, True, None, key
def normalize_known_hosts_key(key):
'''
Transform a key, either taken from a known_host file or provided by the
@ -299,6 +300,7 @@ def normalize_known_hosts_key(key):
d['key'] = k[2]
return d
def compute_diff(path, found_line, replace_or_add, state, key):
diff = {
'before_header': path,
@ -323,6 +325,7 @@ def compute_diff(path, found_line, replace_or_add, state, key):
diff['after'] = ''.join(lines)
return diff
def main():
module = AnsibleModule(