* update ActionBase._low_level_execute_command to honor executable
* adding changelog fragment
* renaming changelog fragment to .yml
* noop change to bump shippable
* adding raw_executable integration test
* copying aliases from raw
* removing blank lines
* skipping aix and freebsd
* noop to bump shippable
* moving tests to raw/
* removing become_method: sudo ; it doesn't work on AIX
* removing trailing blank line
* forcing become_method: su to try to get AIX to work
Co-authored-by: Rob Wagner <rob.wagner@sas.com>
(cherry picked from commit 977b58740b)
* Bugfix of 67377: postgresql_set converts value to uppercase if "mb" or "gb" or "tb" is in the value string
* fix CI
* add changelog
(cherry picked from commit 59bcc9f739)
* native types: literal_eval all the things (#68938)
With https://github.com/pallets/jinja/pull/1190 merged our short-circuit
is no longer valid (has it ever been?) as now data like ' True ' may go
through our ansible_native_concat function as opposed to going through
intermediate call to Jinja2's native_concat before. Now we need to always
send data through literal_eval to ensure native types are returned.
(cherry picked from commit acdc9eb76d)
* Fix tests
* Allow a collection role to call a standalone role by default. Fixes#69101
* tweaked changelog text
* Guard against NoneType
Co-authored-by: Matt Davis <nitzmahone@users.noreply.github.com>.
(cherry picked from commit da98fc267a)
Co-authored-by: Matt Martz <matt@sivel.net>
* Fix fileglob when using 'file*' vs 'stuff/file*'
when not having dir in glob, files/ subdir was being ignored.
* tests for fileglob
(cherry picked from commit d3cab602a5)
Backport of ansible-collections/community.general#189 to stable-2.9
Currently the redfish_config module will convert boolean bios_attribute_value
settings to strings (type str). This will cause BMCs expecting booleans to
error out.
This PR will change the default type of bios_attribute_value to 'raw' in order
to support strings and booleans.
Fixes#68251
With collections migration, inventory scripts are moved from devel (2.10).
Point docs for inventory script to their respective version.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Fixed 'intersect' filter name in constructed inventory plugin example.
(cherry picked from commit 91d02e1c1f)
Co-authored-by: Kenyon Ralph <kenyon@kenyonralph.com>
Change:
We were only testing dnf on RHEL previously.
Test on CentOS 8 as well.
Test Plan:
Ran locally in docker.
Signed-off-by: Rick Elrod <rick@elrod.me>
Change:
Extend the logic for custom error handling in the dnf module, so that on
newer DNF (such as DNF that ships with modern Fedora 31 container
images, and ships with RHEL 8.2) we report errors consistently with
older DNF.
Test Plan:
Ran dnf integration tests against an old Fedora 31 container image and a
brand new Fedora 32 container image; tess passed on both.
Signed-off-by: Rick Elrod <rick@elrod.me>
This reverts commit 5f6427b1fc.
as it breaks netconf connection. This will be a temporary measure
for unlocking CI until a proper fix is shipped.
Fixes#69065
(cherry picked from commit 9217aeeac1)
Signed-off-by: Daniel Mellado <dmellado@redhat.com>
Change:
This corrects an incorrect CVE identifier in the changelog entry for
CVE-2020-1735.
Test Plan:
N/A
Tickets:
Refs #67793, #68720
Signed-off-by: Rick Elrod <rick@elrod.me>
* fixed fetch traversal from slurp
* ignore slurp result for dest
* fixed naming when source is relative
* fixed bug in local connection plugin
* added tests with fake slurp
* moved existing role tests into runme.sh
* normalized on action excepts
* moved dest transform down to when needed
* added is_subpath check
* fixed bug in local connection
fixes#67793
CVE-2019-3828
(cherry picked from commit ba87c225cd)
* when possible, use filedescriptors from mkstemp to avoid race
* when using path strings, ensure we are always creating the file
CVE-2020-1740
Fixes#67798
Co-authored-by: samdoran
(cherry picked from commit 28f9fbdb5e)
* Remove the params module option from ldap_attr and ldap_entry
Module options that circumvent Ansible's option handling were disallowed
in:
https://meetbot.fedoraproject.org/ansible-meeting/2017-09-28/ansible_dev_meeting.2017-09-28-15.00.log.html
Additionally, this particular usage can be insecure if bind_pw is set
this way as the password could end up in a logfile or displayed on
stdout.
Fixes CVE-2020-1746
(cherry picked from commit 0ff609f1bc)
* Fix formatting for option names
Co-Authored-By: Felix Fontein <felix@fontein.de>
* Fix fail_json
* fix indentation error
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
- also only replace when needed
- switched from replace to index
- added test to verify bogus_facts are not accepted
CVE-2020-10684
(cherry picked from commit a9d2ceafe4)
* fix vault tmpe file handling
* use local temp dir instead of system temp
* ensure each worker clears dataloader temp files
* added test for dangling temp files
* added notes to data loader
CVE-2020-10685
(cherry picked from commit 6452a82452)
* support rabbitmq 3.8.x in version check (#66855)
* support rabbitmq 3.8.x in version check
* Removed extraneous white space
(cherry picked from commit 6b017db05b)
* Add changelog fragment.
Co-authored-by: bitchkat <kjh@flyballdogs.com>
Co-authored-by: Matt Clay <matt@mystile.com>
* subversion module - provide password securely with svn command line option --password-from-stdin when possible, and provide a warning otherwise.
* Update lib/ansible/modules/source_control/subversion.py.
* Add a test.
Co-authored-by: Sam Doran <sdoran@redhat.com>
(cherry picked from commit d91658ec0c)
* ansible-galaxy - Fix tar path traversal issue during install - CVE-2020-10691 (#68596)
(cherry picked from commit a20a527014)
* Remove extra tests missing from rebase
* [stable-2.9] Fix missing persistent connection messages (#68496)
* Be more proactive about returning module messages
* Move message display to a function, and replace handling already in shutdown().
(cherry picked from commit 5f6427b1fc)
Co-authored-by: Nathaniel Case <ncase@redhat.com>
* Add changelog
* Updated nxos_lacp tests to handle platforms not supporting lacp system mac command
* nxos_lacp: addressing comments
* nxos_lacp: Updating image tag search to include more tags
(cherry picked from commit 00193f27eb)
Add changelog for nxos_lacp fix
* Add CentOS 8 to the test matrix (#63649)
(cherry picked from commit 2a7623dd5c)
* Skip PostgreSQL tests on CentOS 8
The tests in devel have diverged significantly from what is in
stable-2.9. It is easiest to skip these test for CentOS 8 in this branch
since they are still being run in devel.
* Fix colorization to not extend across newline boundary
* Fix unit test to look for the newline outside the coloration
* Add changelog fragment
(cherry picked from commit 2068131589)
rwagnergit