Commit Graph

610 Commits (464203f71eb9156de7d5c25441c10608b9fcb987)

Author SHA1 Message Date
Veaceslav Mindru 430e3eeebd add vlidate_certs option for unarchive module (#2635) 9 years ago
Toshio Kuratomi 4a8a292793 bytearray isn't available in python2.4 (#3583)
* Detection of handler depends on the wrong handler failing to list the contents of the tarfile.

Use explicit compression types with the python tarfile library to
achieve that.

* bytearray isn't available in python2.4
9 years ago
Toshio Kuratomi 0ec3b06208 Detection of handler depends on the wrong handler failing to list the contents of the tarfile. (#3584)
Use explicit compression types with the python tarfile library to
achieve that.
9 years ago
Virgil Dupras 82aeaed45d unarchive: use Python's tarfile module for tar listing (#3575)
* unarchive: use Python's tarfile module for tar listing

fixes https://github.com/ansible/ansible/issues/11348

Depending on the current active locale, `tar`'s file listing can end up
spitting backslash-escaped characters. Unfortunately, when that happens,
we end up with double-escaped backslashes, giving us a wrong path,
making our action fail.

We could try un-double-escaping our paths, but that would be complicated
and, I think, error-prone. The easiest way forward seemed to simply use
the `tarfile` module.

Why use it only for listing? Because the `unarchive` option also
supports the `extra_opts` option, and that supporting this would require
us to mimick `tar`'s interface.

For listing files, however, I don't think that the loss of `extra_opts`
support causes problems (well, I hope so).

* unarchive: re-add xz decompression support

Following previous change to use Python's `tarfile` module for tar file
listing, we lost `xz` decompression support. This commits re-add it by
adding a special case in `TarXzArchive` that pre-decompresses the source
file.
9 years ago
Dag Wieers b11f4a51d1 Replace ansible_hostname with inventory_hostname (#3559)
This way these examples can be re-used using the ansible command (and don't require facts gathering).
9 years ago
Michael Scherer 0300b2add1 Remove old test on SELinux (#3510)
since all is done in modules_utils/basic.py, no need to make
the same test here, especially since that's unused later
9 years ago
Dag Wieers 983cdd00bc Making unarchive idempotent (#3307)
* WIP: Making unarchive idempotent

Currently unarchive is not idempotent and has many rough edges and bugs.
The current release is a workable improvement on many fronts:

- zip support is now idempotent (but gtar lacks check-mode)
- New option `exclude` to exclude specific paths/files
- New option `keep_newer` to exclude newer files on target
- New option `extra_opts` to influence unzip/gtar (like synchronize module)

The following items are still ongoing:

- Implement CRC32 support for .zip files
- Re-implement the zip support using native zipfile module
- Re-implement the gtar support using native tarfile/gzip/bz2 modules (lzma external)
- Implement check-mode (works in gzip, but fails using gtar)
- Implement diff-mode (discuss an appropriate output model, like synchronize module)

The re-implementation of unzip/gtar support using native python modules will not only simplify the codebase, additional functionality can be implemented correctly and identically, which is currently not possible. (Other archives could be implemented using native modules equally, incl. options)

* Assorted fixes to zip support (during quality checks)

- Support both rw---- and rwx--- permstr
- Better file type support (more qa needed)
- Symlink support
- Include fix from #3229

* Implement zip diff-mode (itemized change) and avoid changes permissions every time (!)

This commit implements:
- rsync-compatible itemized-change output in diff-mode (using zip)
- no longer changing permissions unconditionally (when idempotent)

* Small fixes to itemized change output

* Fixes to user/group ownership changes

- The implementation of user/group ownership is a bit more complex for idempotency
- We report when a ZIP file incorrectly tags a directory as a file/link
- We only offer diff output when there is a change

* Fix the handling of includes and excludes for unzip

* Remove test output from output (confuses easily)

* Logic and performance improvements to ownership handling, and umask fix

* Handle special files (type '?')

* Make exceptions compatible with python 2.4

* Implement CRC32 support

* Revert some unintended/unknown changes ?

* Taking over maintenance as offered by current maintainer

* Fix support for white-spaces in filenames

* Remove/rename incorrect regex

* Ensure that fat executables end up with execute permission

* Remove check_result from output when unchanged

* When unarchiving as a user, or when owner/group/mode is supplied --diff is insufficient

Only way to be sure is to check request with what is on disk (as we do for zip).
Leave this up to set_fs_attributes_if_different() instead of inducing a (false) change

* By default, don't send confusing check_results in verbose output

This fixes #74.
9 years ago
yarick123 bf2f09e37c ini_file: added option 'noextraspaces' to turn off inserting extra spaces around '=' symbol
* ini_file: added option 'noextraspaces' to turn off inserting extra spaces around '=' symbol

* ini_file: noextraspaces, python 2.4 compatibility

* ini_file: noextraspaces - yes/no => true/false

* ini_file: noextraspaces - added 'version_added' option

* ini_file: noextraspaces => no_extra_spaces
9 years ago
Mengdi Gao 4ff5218903 Improve doc accuracy of template module 9 years ago
peter.jang c52f475c64 added rsync protocol support (#1999)
* added rsync protocol support

* correction for example document(add example for push on delegate)

* use startswith method for safety
9 years ago
Brian Coca a268e5a119 Merge pull request #2647 from bertvv/issue_2498
Also show stdout when validation fails. This fixes #2498
9 years ago
Brian Coca c86a0ef84a fixed exit json 9 years ago
Matt Martz 07f29ecd7f Fix synchronize docs to indicate the correct default for use_ssh_args 9 years ago
Toshio Kuratomi 80543ee6f8 Merge pull request #3197 from dagwieers/unarchive-download-error-fix
unarchive: Ensure that download failure is properly raised before read fails
9 years ago
Brian Coca 94e66cb108 fixes to assemble
now uses atomic move to avoid data corruption
correclty cleans up temp files in every case
returns backup_file info if needed
validate validate before temp file gets created
backup AFTER validate
9 years ago
Dag Wieers 7cd47eb73a Ensure that a download failure is properly raised before the read fails
Without this change, a download failure may bail out with the message:

    "Failure downloading http://foo/bar, 'NoneType' object has no attribute 'read'"

whereas with this fix, you'd get a proper error like:

    "Failure downloading http://foo/bar, Request failed: <urlopen error [Errno 113] No route to host>"

or one of the many other possible download errors that can occur.
9 years ago
Toshio Kuratomi 2920658776 Change one param to be of type path 9 years ago
Toshio Kuratomi 832e81e691 Set some module parameters to type=path 9 years ago
Toshio Kuratomi a7cfa1c8cd Correct dest_port to be of type int 9 years ago
Toshio Kuratomi cfbe65f8c8 Set name to type path so that tilde and env vars are expanded 9 years ago
Brian Coca c50ca43d8d fixed typo, now correctly check isdir
fixes #3089
9 years ago
Brian Coca ab4c542b33 added missing checksum alias 9 years ago
Brian Coca cefdb9a494 Merge pull request #2896 from towolf/add_diff_to_lineinfile
Add diff to lineinfile.py for both file contents and file attributes
9 years ago
Brian Coca 81b827f869 fixed option name mismatch, added aliases
also removed empty aliases
9 years ago
Brian Coca 8c2ef29a7a added follow to specific modules that support it
was removed from common file docs
9 years ago
Jose Moreira cb712f2ba8 Fixed module doc typos 9 years ago
Brian Coca 191bf977f7 Merge pull request #3042 from lgp171188/patch-1
Fix typo in the copy module error message
9 years ago
Brian Coca 238c26c7e2 recursive copy is not available(yet) on remote_src 9 years ago
Guruprasad ea6c2573e3 Fix typo in the copy module error message
Fix the typos in the error message shown on trying to use remote_src=yes for copying directories
9 years ago
Brian Coca b89f4c7cab cleaner error on recursive remote copy
TODO: add recursive copy support when remote_src=yes
probably need to make shared the logic in the action plugin.
9 years ago
Brian Coca 6a42e54e57 removed 'overquoting' of example
fixes #3029
9 years ago
Toshio Kuratomi 93d02189f6 Remove duplicate documentation fields 9 years ago
Tobias Wolf 99ba594f0a Add diff for both file contents and file attributes to lineinfile
Using the difflist feature added in ansible/ansible@c337293 we can add
two diffs to the `diff` dict returned as JSON: A `before` and `after` pair of
changed file contents and the diff of the file attributes.

n.b.: the difflist handling from the above commit is logically broken.
PR will follow.

Example output:

    TASK [change line and mode] ************************************************************
    changed: [localhost]
    --- before: /tmp/sshd_config (content)
    +++ after: /tmp/sshd_config (content)
    @@ -65,21 +65,21 @@
     X11DisplayOffset 10
     PrintMotd no
     PrintLastLog yes
     TCPKeepAlive yes
     #UseLogin no

     #MaxStartups 10:30:60
     #Banner /etc/issue.net

     # Allow client to pass locale environment variables
    -AcceptEnv LANG LC_*
    +AcceptEnv        LANG LC_* GF_ENV_*

     Subsystem sftp /usr/lib/openssh/sftp-server

     # Set this to 'yes' to enable PAM authentication, account processing,
     # and session processing. If this is enabled, PAM authentication will
     # be allowed through the ChallengeResponseAuthentication and
     # PasswordAuthentication.  Depending on your PAM configuration,
     # PAM authentication via ChallengeResponseAuthentication may bypass
     # the setting of "PermitRootLogin without-password".
     # If you just want the PAM account and session checks to run without

    --- before: /tmp/sshd_config (file attributes)
    +++ after: /tmp/sshd_config (file attributes)
    @@ -1,3 +1,3 @@
     {
    -    "mode": "0700"
    +    "mode": "0644"
     }
9 years ago
Toshio Kuratomi c8d5fdaf27 Merge pull request #2891 from ansible/synchronize-better-error-missing-rsync
Better error message when rsync nad ssh aren't present where synchronize is run
9 years ago
Toshio Kuratomi cb1fefdf92 Better error message when rsync nad ssh aren't present where synchronize is run
Fixes https://github.com/ansible/ansible/issues/9305
9 years ago
Brian Coca 3239691e9e Merge pull request #2870 from towolf/add_diff_to_synchronize
Add custom diff field to synchronize module
9 years ago
Tobias Wolf cd3b9366fe Add custom or 'prepared' diff field to synchronize module
This PR depends on pull requeest ansible/ansible#14105

rsync has a custom diff output that cannot easily be expressed as
`/usr/bin/diff before after`
9 years ago
Toshio Kuratomi d9e29752c1 Add an internal param instructing synchronize to replace localhost with the host that's being ssh'd from 9 years ago
Matt Martz 76925ef613 Merge pull request #2858 from sivel/issue/14064
Add note about precautions of using become with fetch
9 years ago
Matt Martz 3f232beb0a Add note about precautions of using become with fetch. Addresses https://github.com/ansible/ansible/issues/14064 9 years ago
Toshio Kuratomi 0b7469fa90 Fix documentation build 9 years ago
Toshio Kuratomi 76a478a226 Document that synchronize in 2.0.0.x has broken sudo behaviour.
Part of the changes for #13825
9 years ago
Toshio Kuratomi 78b4eac6fc Merge pull request #2722 from mscherer/fix_2630
Fix 2630
9 years ago
Brian Coca 48bd80c9cb adds diff info for file info 9 years ago
Michael Scherer 948900f7fb Fix doc inconsistency (#2630) 9 years ago
Brian Coca f500a2ec53 added mime option to stat module
it uses file magic to now return mime_type and charset of a file as
per output of `file -i /path`
9 years ago
Adam Fields 27f561dca2 added a reference to the template module for clarity 9 years ago
quoing 877daf970d Fix: Default ACL parameters are not correctly handled 9 years ago
Brian Coca db66144386 simplified lowercasing 9 years ago
quoing c93de2f930 Add "default" entry option back (removed in e95bcae), update will translate entry to standard parameters so compatibility with BDS is kept 9 years ago
Bert Van Vreckem 9556bcb9c2 Also show stdout when validation fails. This fixes #2498 9 years ago
Brian Coca 8a2459c643 Merge pull request #2590 from noseka1/devel
Fix ini_file module, avoid bracklets in key break idempotence
9 years ago
Ales Nosek 9c74272c9b Fix #2475 ini_file module: bracklets in key break idempotence
Escape the regex special characters in the option name.
9 years ago
krdlab 61a3625ed0 Fix 'stat' module document 9 years ago
Dylan Martin bfa7cdb5c4 improved error message when no handler found 9 years ago
Brian Coca c6fdd3809f fixed typo EEXISTS is actually EEXIST
fixes #2585
9 years ago
Brian Coca 9030ae996c Merge pull request #2569 from gerph/gerph-fix-docs-file
Update documentation for 'file' module to include 'diff_peek'.
9 years ago
Charles Ferguson 176b4103b6 Add documentation to 'file' AnsibleModule definition for internals.
The parameters 'diff_peek' and 'validate' are not expected to be used
by users. They are internal. To make it clear, this change adds the
comments 'Internal use only' to each of those definitions to make
it clear that they are actually used, just not by end-users.
9 years ago
Charles Ferguson 9325c0ae5f Update documentation for 'file' module to include 'diff_peek'.
The 'diff_peek' option isn't documented at all, and provides a
rudimentary check that the content isn't binary. Documentation is
added to explain the option.

The 'validate' option has a declaration, but isn't implemented.
Therefore it may as well be removed from the module.
9 years ago
Charles Paul 1bc0b6ee6a create non-existent ini file
fixing fail_json

more verbose fail msg
9 years ago
Maarten Claes e9c548da41 This fixes copy with the remote_src option
It was broken in 6e37f1dcef when the remote_src was added. Need to
pass the absolute path to copy2 instead of a tuple.
9 years ago
Brian Coca 6e37f1dcef fixed remote_src support, now actually copies and does not move 9 years ago
Timothy Appnel ca12ed5d98 Added the checksum_algo alias to the stats module. 9 years ago
Brian Coca e74dc8c1dd minor doc fixes 9 years ago
Ales Nosek 22790d301a Make the syntax work with Python 2.4 9 years ago
Ales Nosek 7f59773460 ini_file should only change what was specified and nothing more #5860
See also:
http://alesnosek.com/blog/2015/08/03/improving-ansibles-ini-file-module/
9 years ago
Brian Coca 45a9f0b453 since find doesn't make changes, support check mode and gather data for other tasks in check mode 9 years ago
Toshio Kuratomi 3993f4e967 Simplify logic to handle options set to empty string
Fixes #2125
9 years ago
Brian Coca 87b8086163 Merge pull request #2327 from ryansydnor/devel
Add capability for stat module to use more hash algorithms
9 years ago
Brian Coca 486d233cbe Merge pull request #2262 from bcoca/find_regex
added regex support to find
9 years ago
Ryan Sydnor fb10161510 Add capability for stat module to use more hash algorithms
Specifically, the stat module now has a checksum_algorithm parameter.
This lets the module utilize one of the hash algorithms available on the host
to return the checksum of the file.

This change is backwards compatible. The checksum_algorithm defaults to
sha1 and still returns its result to the stat.checksum property.
9 years ago
Brian Coca 2b33c92e7a corrected docs for stat's lnk_source
fixes #12850
9 years ago
Brian Coca 074aad23e7 final form, use_regex now controls if patterns is glob or regex
- fixed cases in which stat fails (dangling symlink)
- now properly reports name of skipped paths
9 years ago
Brian Coca e603b1bb69 changed so regexes and shell globs work transparently 9 years ago
Brian Coca fdd88863d4 fixed bug in spec 9 years ago
Brian Coca bc4b40d8e7 added regex support to find, also added 'singular' aliasess to patterns and paths 9 years ago
Brian Coca 5893eb51a5 documented new remote_src option 9 years ago
varnav 07c5143a99 Fixed confusion in the docs
As 'path' is actually alias for 'dest', this could be confusing.
9 years ago
Toshio Kuratomi e9139ba4fa Change the example of rsync_opts to use a list instead of a string
Fixes #9889
9 years ago
James Cammarata 22d25de23c Fix syntax error in synchronize docstring 9 years ago
James Cammarata 627bd47fd3 Merge pull request #2055 from skylerbunny/patch-1
Explanation of privilege escalation in notes
9 years ago
Brian Coca f12a2135ca Merge pull request #1525 from mjuenema/devel
Removed check whether destination directory is writable from files/un…
9 years ago
skylerbunny 489f3e67f1 Explanation of privilege escalation in notes
An attempt to make clear how privilege escalation works with respect to the src/source host and dest/destination host. One existing note was incorporated into three new ones, iterating each.
9 years ago
James Cammarata 310cf77edc Merge pull request #1947 from astorije/astorije/fix-acl
Fix the acl module
9 years ago
Brian Coca 68ab025dac minor doc fixes 9 years ago
Jérémie Astori 72fb7a0a17 Fix physical walk on acl module for Linux
`-h` is for BSD [1] while `-P`/`--physical` is for Linux [2].
This commit fixes that option now that acl module is (temporarily)
only supported for Linux.
I will re-add `-h` when fixing BSD support.

[1]: http://www.freebsd.org/cgi/man.cgi?format=html&query=setfacl(1)
[2]: http://linuxcommand.org/man_pages/setfacl1.html
9 years ago
Jérémie Astori 8eefd44aef Make sure entry is not sent when acl state=query 9 years ago
Jérémie Astori 0e659ad872 Make sure permission-less entries are accepted when state=absent
Also, remove that try condition as, at that stage, no permissions with
other than 2 or 3 fields are sent to the function.
9 years ago
Jérémie Astori e95bcaeb8a Remove support for `d[efault]:` in entry permissions
It is not documented in [the Ansible doc page][1] nor
[the BSD setfacl man entry][2] (which means it might not be compatible
with BSD) so removing it does not break the API.

On the other hand, it does not conform with POSIX 1003.1e DRAFT
STANDARD 17 according to the [Linux setfacl man entry][3] so safer to
remove.

Finally, the most important reason: in non POSIX 1003.e mode, only ACL
entries without the permissions field are accepted, so having an
optional field here is very much error-prone.

[1]: http://docs.ansible.com/ansible/acl_module.html
[2]: http://www.freebsd.org/cgi/man.cgi?format=html&query=setfacl(1)
[3]: http://linuxcommand.org/man_pages/setfacl1.html
9 years ago
Brian Coca f925f7e01f Merge pull request #1734 from freym/assemble-file-validation
assemble: add file validation support.
9 years ago
Jérémie Astori 3ac990556d Fix wrong expectation regarding entry format in acl module 9 years ago
Jérémie Astori 421d3f12cf Fix wrong processing of lines returned by setfacl in test mode 9 years ago
Jérémie Astori 50c6425673 Fix minor whitespace issues 9 years ago
Brian Coca d61fde42ef updated encoding comment and expanded authors field 9 years ago
Brian Coca d4a39d23df Merge pull request #150 from astorije/recursive_acl
Add recursive support for ACL module
9 years ago
Jérémie Astori acfc2166b0 Set version number in recursive option description 9 years ago
Jérémie Astori f8027a7f0a Ensure Python 2.4 compatibility and Linux-restricted support
- Make build_entry compatible with Python 2.4
- Re-add missing warning/comment that was forgotten while refactoring
- Replace `all()` with a good ol' for-loop Python 2.4 compatibility
- Make a condition check more explicit (when `state` is `query`)
- Make sure this module can only be run with on a Linux distribution
- Add a note about Linux-only support in the documentation
- Set the version in which recursive support was added, 2.0
9 years ago
Marius Gedminas 9bcf69a155 Fix obvious copy-paste error in module docs 9 years ago
Toshio Kuratomi f39e5ffa1d Modify the default for synchronize's dest_port again 9 years ago
Toshio Kuratomi ed2d8121b3 Update docs to reflect precedence for synchronize's dest_port param 9 years ago