Commit Graph

50395 Commits (a43269d3a776fe8eb2a71543613d787f66971fa3)
 

Author SHA1 Message Date
Rick Elrod a43269d3a7 Edit /etc/shadow instead
Signed-off-by: Rick Elrod <rick@elrod.me>
4 years ago
Rick Elrod ad9dcb001a
Update changelogs/fragments/68676_busybox_locked_user.yml
Co-authored-by: Abhijeet Kasurde <akasurde@redhat.com>
4 years ago
Rick Elrod 859726eaab user: Unlock by default with no password, busybox
Change:
- On busybox systems such as Alpine, user accounts which are created
  with no password are locked by default until their password is
  changed. For consistency with other platforms, if not given a
  password, manually unlock the account so that it is accessible by key
  access.

Test Plan:
- Local Alpine VM

Tickets:
- Fixes #68676

Signed-off-by: Rick Elrod <rick@elrod.me>
4 years ago
Rick Elrod 205eda335f
[ansible_builtin_runtime.yml] fix text[fs]m typo (#70893)
Change:
- textsfm -> textfsm

Test Plan:
- Out-of-band ansible_builtin_runtime.yml checker script

Signed-off-by: Rick Elrod <rick@elrod.me>
4 years ago
Brian Coca 1223ce656a
reset logging to INFO (#70878)
- due to CVE-2019-14846
 - also added comments and test to avoid 'oportunistic' reversion
4 years ago
Sviatoslav Sydorenko 9c12f20f27
Update the number of contributors in README: 5000+ (#70880) 4 years ago
Mykola Grygoriev 953aa26286
Get serial number of NVMe device without sg_inq (#70284)
* Get serial number of NVMe device without sg_inq

* Add changlelog for #70284

* Use get_file_content() to get serial number from a file
4 years ago
Matt Clay 8b96caf712
Update ansible-base test container to 1.5.0. (#70856) 4 years ago
Rick Elrod 21ac550828
virtualization facts: check /dev/kvm as a fallback (#70829)
Change:
- On Linux, there are situations where a host might be a KVM host but
  not have the kernel module enabled (it might be compiled in instead).
  In these cases, /dev/kvm will still exist, and rather than reporting
  NA, we should report that the host is a KVM host.

Test Plan:
- Local

Signed-off-by: Rick Elrod <rick@elrod.me>
4 years ago
Jordan Borean 5e1a968983
Do not add connection vars to the output results (#70853)
* Do not add connection vars to the output results

* Also revert the delgated scenario JIC

* Added regression test
4 years ago
Fixmetal 7a42d27462
Proper example for splitext filter in docs (#70494)
* Update playbooks_filters.rst with a clear example of how to extract its 2 tokens. 

Co-authored-by: Sloane Hertel <shertel@redhat.com>
4 years ago
Sviatoslav Sydorenko 20bb915092
Refactor Python API examples and docs
PR #70446: it's a follow-up for #70445.

It includes a merge of `examples/scripts/uptime.py` and a similar
code snippet from `docs/docsite/rst/dev_guide/developing_api.rst`.

This patch also changes the docs RST file to include contents of
the example file instead of holding a copy of a similar code.
4 years ago
Matt Davis 4c0af6c808
fix internal cases of actions calling unqualified module names (#70818)
* fix internal cases of actions calling unqualified module names

* add porting_guide entry
* misc other fixes around action/module resolution broken by redirection

ci_complete

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* Update docs/docsite/rst/porting_guides/porting_guide_2.10.rst

Co-authored-by: Rick Elrod <rick@elrod.me>

* address review feedback

* pep8

* unit test fixes

* win fixes

* gather_facts fix module args ignores

* docs sanity

* pep8

* fix timeout test

* fix win name rewrites

Co-authored-by: Rick Elrod <rick@elrod.me>
4 years ago
Alicia Cozine b28d59124b
WIP: add collections as an intersphinx link (#70826)
* adds collections as a ref for intersphinx

* no need for intersphinx

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>
4 years ago
Abhijeet Kasurde e439194c8c
basic: Add name of aliases in error message (#69427)
With this patch, user will be notified with available aliases
of arg parameter.

Fixes: #58752

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
4 years ago
Sam Doran 5260527c4a
Change default file permissions so they are not world readable (#70221)
* Change default file permissions so they are not world readable

CVE-2020-1736

Set the default permissions for files we create with atomic_move() to 0o0660. Track
which files we create that did not exist and warn if the module supports 'mode'
and it was not specified and the module did not call set_mode_if_different(). This allows the user to take action and specify a mode rather than using the defaults.

A code audit is needed to find all instances of modules that call atomic_move()
but do not call set_mode_if_different(). The findings need to be documented in
a changelog since we are not warning. Warning in those instances would be frustrating
to the user since they have no way to change the module code.

- use a set for storing list of created files
- just check the argument spac and params rather than using another property
- improve the warning message to include the default permissions
4 years ago
David Shrewsbury bf98f031f3
Sanitize URI module keys with no_log values (#70762)
* Add sanitize_keys() to module_utils.

* More robust tests

* Revert 69653 change

* Allow list or dict

* fix pep8

* Sanitize lists within dict values

* words

* First pass at uri module

* Fix insane sanity tests

* fix integration tests

* Add changelog

* Remove unit test introduced in 69653

* Add ignore_keys param

* Sanitize all-the-things

* Ignore '_ansible*' keys

* cleanup

* Use module.no_log_values

* Avoid deep recursion issues by using deferred removal structure.

* Nit cleanups

* Add doc blurb

* spelling

* ci_complete
4 years ago
Sayee 1733253297
Modification of 'Adding modules and plugins locally' topic (#70659)
* Remediated the topic to comply with IBM style guide and minimalism practices
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
4 years ago
Rick Elrod 34f18a97f4
Add ansible-releases@redhat.com to announce template (#70812)
Signed-off-by: Rick Elrod <rick@elrod.me>
4 years ago
Brian Coca 84adaba6f5
Allow hostvars delegation (#70331)
* ensure hostvars are available on delegation
* also inventory_hostname must point to current host and not delegated one
* fix get_connection since it was still mixing original host vars and delegated ones
* also return connection vars for delegation and non delegation alike
* add test to ensure we have expected usage when directly assigning for non delegated host
4 years ago
Nathaniel Case 06a4fc2833
Document existing ansi_re sequences and add `ESC[m` (#70683)
* Document existing ansi_re sequences and add `ESC[m`

* Add changelog
4 years ago
Sorin Sbarnea b7ee07215d
Update Molecule support contact (#70797)
As Molecule started to use https://github.com/ansible-community/molecule/discussions we need to update documentation before retiring
the molecule-users mailing list.
4 years ago
John R Barker 481cd30129
runtime: aws_netapp_cvs_filesystems (#70781) 4 years ago
Abhijeet Kasurde 8cccede0d4
basic: use PollSelector implementation (#70352)
Some platform such as ESXi does not implement EpollSelector,
which is selected by DefaultSelector. Use SelectSelector which is
based upon 'select' implementation. This works perfectly with
a platform like VMware ESXi.

Fixes: #70238

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
4 years ago
Matt Martz 96b74d3e0b
Ensure single vaulted values aren't counted as sequences. Fixes #70784 (#70786) 4 years ago
Sandra McCann 2a7df5e07b
add note for write permission on rst files (#70766)
* add note for write permission on rst files
* Update docs/docsite/rst/community/documentation_contributions.rst

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
4 years ago
Sandra McCann 24e5d3a51c
fix rstcheck problem and gitignore collections dir (#70764) 4 years ago
Rick Elrod 97cd1a4b82
Modernize GitHub pull-request template (#70787)
Change:
- Remove "New Module Pull Request" since we're not taking new modules in
  ansible/ansible
- Add "Tests Pull Request" to use for things like adding coverage that
  aren't bugfixes.

Signed-off-by: Rick Elrod <rick@elrod.me>
4 years ago
Baptiste Mille-Mathias 0ead4306a8
user - Create home and parent directories only when requested (#70600)
The home user and the parents directories should only be created when
create_home == True
4 years ago
psi / Ryo Hirafuji 5ce47646ad
cron - Allow non-ascii (UTF-8) chars in cron file paths and jobs (#70426)
* Encode/Decode files in UTF-8
* Use helper function in ansible
* Add an integration test
* Use emoji in test data.
* add changelog
* Also support non-ascii chars in filepath and add tests about this.
* Also use non-ascii chars in replaced text and ensure not to break cron syntax.
* rename self.existing to self.n_existing
* rename crontab.existing to crontab.n_existing
4 years ago
Abhijeet Kasurde 4f96f9826c
distribution: Add support for DragonFly (#70748)
partially fixes #43739

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
4 years ago
John R Barker 1e0d83524c
runtime os_image_facts is now called os_image_info (#70776) 4 years ago
Felix Fontein 8188bce0ff
Redirect restored modules to community.general. (#70769) 4 years ago
Rick Elrod 69472a5f8d
Refactor _fixup_perms2 to remove way-nested logic (#70701)
Change:
- Refactoring to make it harder to get wrong and easier to read.
- Generalize become_unprivileged tests and fix some that never worked
  but also never failed.

Test Plan:
- CI, new units/integration tests

Signed-off-by: Rick Elrod <rick@elrod.me>
4 years ago
Felix Fontein 707e8b6e0c
ansible_builtin_runtime.yml fixes (#70767)
* Correct name is modules, not mso: https://github.com/CiscoDevNet/ansible-mso/blob/master/plugins/doc_fragments/modules.py

* The port_ went missing.

https://github.com/CiscoDevNet/ansible-aci/blob/master/plugins/modules/aci_interface_policy_port_channel.py
https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/network/aci/aci_interface_policy_port_channel.py

https://github.com/CiscoDevNet/ansible-aci/blob/master/plugins/modules/aci_interface_policy_port_security.py
https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/network/aci/aci_interface_policy_port_security.py

* Fix typo.
4 years ago
Matt Martz eb06488e1d
Remove preview status from TOML inventory (#70770) 4 years ago
Toshio Kuratomi 1e3989c9f7
Need to return any error code from running antsibull-docs (#70763)
This way we fail early if there's a problem
4 years ago
Baptiste Mille-Mathias 59513ae673
Fix incorrect statement to set a variable for a playbook (#70712)
Fixes #70638
4 years ago
Baptiste Mille-Mathias 92e16c2838
Few fixes for reference_appendices/faq.html (#70719)
* Format using `` instead of `, add line breaks for long lines, rephrase or remove useless text.
Move some text.

* Add clearer version of OpenSSh is affected by SCP bug

* Review some pages using ansible doc writing guide.
4 years ago
Stef B fb3db170cc
Make Sources, Plugins sections easier to read (#70652)
Re-wrote the Inventory Sources section and also the next section to have shorter, clearer sentences with a more active voice.
4 years ago
Mohamed Javeed f9bb5c9c5a
dellemc related module name changes (#70749)
* dellemc related module name changes

* Addressing review comments
4 years ago
Matt Martz 54b002e1ac
Guard against allowing ansible to ansible-base upgrades (#70529)
* Guard against allowing ansible to ansible-base upgrades

* newline

* use alias

* Add an explicit line detailing this is a 1 time thing

* period

* Read __version__ and __author__ rather than import, update working, and add ability to skip conflict checks

* Remove commented code

* Re introduce removed changes from rebase

* Just use open

* Nuke unused import
4 years ago
Brian Kohles 77d0effcc5
Fix missing quoting for remote_tmp in second mkdir of shell module. Issue #69577 (#69578)
* Fix missing quoting for remote_tmp in second mkdir of shell module. Issue #69577

* adding changelog

* fixing typo in changelog entry

* adding test case

Adding test case written by bmillemayhias.

* using $HOME instead of ~

* fixing commit measage

* Update 69578-shell-remote_tmp-quoting.yaml

Co-authored-by: Brian Kohles <me@briankohles.com>
4 years ago
Abhijeet Kasurde 84b4387702
debconf: add a note about no_log usage (#70738)
debconf module exposes sensitive information to logs, console.
Add a note to user about using no_log=True to hide such
information from console.

Fixes: #32386

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
4 years ago
David Rieger 633c2d0522
Fix misleading documentation for naming blocks (#68458)
From what I have observed it is the block itself that doesn't support the name attribute rather than the tasks inside the block.

* Update docs/docsite/rst/user_guide/playbooks_blocks.rst

Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
4 years ago
Sloane Hertel 2811d9486f
Update default from True to False for CONDITIONAL_BARE_VARS (#70709)
ci_complete
4 years ago
Abhijeet Kasurde c1402ddee0
validate_modules: added missing single quote (#70744)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
4 years ago
Felix Fontein cf217178c7
Followup to #70610: fix ansible_builtin_runtime.yml redirects to wrong collections (#70725)
* Followup to #70610: fix redirects to wrong collections

* gcp module_utils is in community.general.

* dellos10_* modules are in dellemc_networking.os10, not dellemc.os10.

* intersight_facts was renamed to intersight_info in cisco.intersight in version 1.0.7.

* Fix more dellos10 redirects.
4 years ago
Abhijeet Kasurde 8915f262b4
misc typo fixes (#70736)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
4 years ago
Matt Martz f90aa5599f
Don't treat empty excludes as a match. Fixes #70640 (#70710) 4 years ago