From cb9059b250b0df71f95bbbbc8a5912fe805e7731 Mon Sep 17 00:00:00 2001 From: Michael DeHaan Date: Wed, 12 Mar 2014 16:44:03 -0400 Subject: [PATCH] Various commits to enable no-shell or safe-shell usage, more to come. --- packaging/apt_repository | 5 ++++- packaging/cpanm | 29 +++++++++++++++-------------- packaging/gem | 2 +- packaging/macports | 6 ++++-- packaging/opkg | 3 ++- packaging/pacman | 6 +++--- 6 files changed, 29 insertions(+), 22 deletions(-) diff --git a/packaging/apt_repository b/packaging/apt_repository index 4587d90ba78..7a19dabc167 100644 --- a/packaging/apt_repository +++ b/packaging/apt_repository @@ -352,7 +352,10 @@ def get_add_ppa_signing_key_callback(module): def _run_command(command): module.run_command(command, check_rc=True) - return _run_command if not module.check_mode else None + if module.check_mode: + return _run_command + else: + return None def main(): diff --git a/packaging/cpanm b/packaging/cpanm index 5f5ae98022f..1c73d2727c8 100644 --- a/packaging/cpanm +++ b/packaging/cpanm @@ -72,14 +72,17 @@ author: Franck Cuny def _is_package_installed(module, name, locallib, cpanm): cmd = "" if locallib: - cmd = "PERL5LIB={locallib}/lib/perl5".format(locallib=locallib) - cmd = "{cmd} perl -M{name} -e '1'".format(cmd=cmd, name=name) + os.environ["PERL5LIB"] = "%s/lib/perl5" % locallib + cmd = "%s perl -M%s -e '1'" % (cmd, name) res, stdout, stderr = module.run_command(cmd, check_rc=False) - installed = True if res == 0 else False - return installed - + if res == 0 + return True + else + return False def _build_cmd_line(name, from_path, notest, locallib, mirror, cpanm): + # this code should use "%s" like everything else and just return early but not fixing all of it now. + # don't copy stuff like this if from_path: cmd = "{cpanm} {path}".format(cpanm=cpanm, path=from_path) else: @@ -111,21 +114,20 @@ def main(): required_one_of=[['name', 'from_path']], ) - cpanm = module.get_bin_path('cpanm', True) - - name = module.params['name'] + cpanm = module.get_bin_path('cpanm', True) + name = module.params['name'] from_path = module.params['from_path'] - notest = module.boolean(module.params.get('notest', False)) - locallib = module.params['locallib'] - mirror = module.params['mirror'] + notest = module.boolean(module.params.get('notest', False)) + locallib = module.params['locallib'] + mirror = module.params['mirror'] - changed = False + changed = False installed = _is_package_installed(module, name, locallib, cpanm) if not installed: out_cpanm = err_cpanm = '' - cmd = _build_cmd_line(name, from_path, notest, locallib, mirror, cpanm) + cmd = _build_cmd_line(name, from_path, notest, locallib, mirror, cpanm) rc_cpanm, out_cpanm, err_cpanm = module.run_command(cmd, check_rc=False) @@ -137,7 +139,6 @@ def main(): module.exit_json(changed=changed, binary=cpanm, name=name) - # import module snippets from ansible.module_utils.basic import * diff --git a/packaging/gem b/packaging/gem index 25fc337e14e..079711fecfe 100644 --- a/packaging/gem +++ b/packaging/gem @@ -89,7 +89,7 @@ def get_rubygems_path(module): return module.get_bin_path('gem', True) def get_rubygems_version(module): - cmd = [get_rubygems_path(module), '--version'] + cmd = [ get_rubygems_path(module), '--version' ] (rc, out, err) = module.run_command(cmd, check_rc=True) match = re.match(r'^(\d+)\.(\d+)\.(\d+)', out) diff --git a/packaging/macports b/packaging/macports index b58224b63fe..ae7010b1cbd 100644 --- a/packaging/macports +++ b/packaging/macports @@ -53,6 +53,7 @@ EXAMPLES = ''' - macports: name=foo state=inactive ''' +import pipes def update_package_db(module, port_path): """ Updates packages list. """ @@ -68,7 +69,7 @@ def query_package(module, port_path, name, state="present"): if state == "present": - rc, out, err = module.run_command("%s installed | grep -q ^.*%s" % (port_path, name)) + rc, out, err = module.run_command("%s installed | grep -q ^.*%s" % (pipes.quote(port_path), pipes.quote(name)), use_unsafe_shell=True) if rc == 0: return True @@ -76,7 +77,8 @@ def query_package(module, port_path, name, state="present"): elif state == "active": - rc, out, err = module.run_command("%s installed %s | grep -q active" % (port_path, name)) + rc, out, err = module.run_command("%s installed %s | grep -q active" % (pipes.quote(port_path), pipes.quote(name)), use_unsafe_shell=True) + if rc == 0: return True diff --git a/packaging/opkg b/packaging/opkg index 4a834cf1a39..0187abe56a8 100644 --- a/packaging/opkg +++ b/packaging/opkg @@ -51,6 +51,7 @@ EXAMPLES = ''' - opkg: name=foo,bar state=absent ''' +import pipes def update_package_db(module, opkg_path): """ Updates packages list. """ @@ -66,7 +67,7 @@ def query_package(module, opkg_path, name, state="present"): if state == "present": - rc, out, err = module.run_command("%s list-installed | grep -q ^%s" % (opkg_path, name)) + rc, out, err = module.run_command("%s list-installed | grep -q ^%s" % (pipes.quote(opkg_path), pipes.quote(name)), use_unsafe_shell=True) if rc == 0: return True diff --git a/packaging/pacman b/packaging/pacman index a4a24ca5fd1..46b7f4c755f 100644 --- a/packaging/pacman +++ b/packaging/pacman @@ -100,7 +100,7 @@ def query_package(module, name, state="installed"): def update_package_db(module): - cmd = "pacman -Syy > /dev/null" + cmd = "pacman -Syy" rc, stdout, stderr = module.run_command(cmd, check_rc=False) if rc != 0: @@ -120,7 +120,7 @@ def remove_packages(module, packages): if not query_package(module, package): continue - cmd = "pacman -%s %s --noconfirm > /dev/null" % (args, package) + cmd = "pacman -%s %s --noconfirm" % (args, package) rc, stdout, stderr = module.run_command(cmd, check_rc=False) if rc != 0: @@ -148,7 +148,7 @@ def install_packages(module, packages, package_files): else: params = '-S %s' % package - cmd = "pacman %s --noconfirm > /dev/null" % (params) + cmd = "pacman %s --noconfirm" % (params) rc, stdout, stderr = module.run_command(cmd, check_rc=False) if rc != 0: