* user: do not pass ssh_key_passphrase on cmdline
* user: do not pass ssh_key_passphrase on cmdline
CVE-2018-16837
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
(cherry picked from commit a0aa53d1a1)
* Ignore user module use of subprocess.
(cherry picked from commit 8d00afc013)
* Fix python3 problem in user module cve fix
(cherry picked from commit 9088671c4e)
* Fix changelog entry for user module CVE fix
(cherry picked from commit 210a43ebeb)
(cherry picked from commit b618339c32)
* Remove E210
* win_nssm: add failing tests for issue #44079
(cherry picked from commit a5d1241fa1)
* win_nssm: add more failing tests
These tests highlight several issues with this module:
* Service not started when state=started
* Errors with app_parameters (see #25265)
* Exception when passing several dependencies separated by comma as specified in doc
(cherry picked from commit e50234bdb3)
* win_nssm: use Run-Command instead of Invoke-Expression to prevent interpretation issue
Fix#44079
(cherry picked from commit 20a0d90ebe)
* win_nssm: fix service not started when state=started
Nssm status returns a multiline output that doesn't match any of the strict patterns in the switch statement.
(cherry picked from commit 8180a7c39b)
* win_nssm: fix incorrect separator in doc for service dependencies
The dependencies parameter works with space as separator, but not with comma as shown in the documentation
(cherry picked from commit ddd4b4bea6)
* win_nssm: fix error with app_parameters parameter
Fix#25265
(cherry picked from commit aba0d48ba5)
* win_nssm: add idempotence tests
(cherry picked from commit 46a5e4f3bf)
* win_nssm: fix several idempotence issues and misbehaviors
Add missing space between arguments when app_parameters contains several keys.
Use Argv-ToString and Escape-Argument to improve arguments handling (parameters with quotes, backslashes or spaces).
(cherry picked from commit 933a4092bf)
* win_nssm: test parameters with spaces, quotes or backslashes
(cherry picked from commit 51843a7b3c)
* win_nssm: restore comma as separator for service dependencies
Revert commit ddd4b4b
(cherry picked from commit ead882bb9b)
* win_nssm: restore support of string as dict form for app_parameters and remove support of literal YAML dict
(cherry picked from commit 862855252b)
* win_nssm: wrong variable in tests
(cherry picked from commit 9b9c839461)
* win_nssm: add changelog fragment
This prevents a stack trace in Python 3 when the result is an empty file since
the file is open in binary mode and a native string in Python 3 is str,
not bytes.
(cherry picked from commit 8b1ae30e2e)
* ansible-test: add skip/windows/... alias to skip tests on specific Windows versions
* show what tests were skipped
* changes to logic to only skip if all Windows targets are set to skip
* codestyle improvements
* change warning message based on review
* check args type before running the Windows path
(cherry picked from commit 0f5331645f)
* Add symlinks sanity test.
* Replace legacy test symlinks with actual content.
* Remove dir symlink from template_jinja2_latest.
* Update import test to use generated library dir.
* Fix copy test symlink setup.
(cherry picked from commit e2b6047514)
* [stable-2.7] Fix logic to not re-download existing files when force=no (#45495)
* Fix logic to not re-download existing files when force=no. Fixes#45491
* Reduce logic complexity.
(cherry picked from commit 5785de582f)
Co-authored-by: Matt Martz <matt@sivel.net>
* Backport of get_url fix cannot use result
result was only added in 2.8+.
(cherry picked from commit 99171a9c6f)
Co-authored-by: Matt Martz <matt@sivel.net>
* Fix targets that may be a list containing strings and lists which worked prior to 2.6.
(cherry picked from commit 450fb9f855)
* Add ec2_group integration tests for lists of nested targets
(cherry picked from commit 14e3399db1)
* changelog
(cherry picked from commit fb17db0876)
* fix tempating issues with no_log and loops (#44468)
* fix tempating issues with no_log and loops
- task is no log if any item is
- added test cases
fixes#43294
(cherry picked from commit bda074d34e)
* use play context to avoid bug when jinja2+py3
* Fix pkg_mgr_name fact finding for Fedora (#40922)
* Properly handle default package manager vs apt
For distros where apt might be installed but is not the default
package manager for the distro, properly identify the default distro
package manager during fact finding and re-use fact finding from
DistributionFactCollector and instead of reimplementing small
portions of it in PkgMgrFactCollector
Add unit test to always check the apt + Fedora combination to test
the new code.
Fixes#34014
Signed-off-by: Adam Miller <admiller@redhat.com>
* remove q debugging output I accidentally left behind
Signed-off-by: Adam Miller <admiller@redhat.com>
* add os_family to the conditional so we're only hitting that code path when needed
Signed-off-by: Adam Miller <admiller@redhat.com>
* setup for a _check* pattern for general os_family group pkg_mgr checking
Signed-off-by: Adam Miller <admiller@redhat.com>
* use Mock.patch decorator for os.path.exists in TestPkgMgrFactsAptFedora
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix fedora version dnf fact, default pkg_mgr detection per distro family (#43261)
* fix fedora version dnf fact, default pkg_mgr detection per distro family
* loop over possible dnf/yum paths in case there are multiple canonical sources later in life
Signed-off-by: Adam Miller <admiller@redhat.com>
* pkg_mgr: fixed apt_rpm detection (#43769)
Instead of checking the distribution name (which apparently is tricky to find out)
check if /usr/bin/apt-get is managed by RPM.
Fixes#43539
* Ensure that apt is always chosen on debian/ubuntu
One can install alternate packages managers on debuntu machines.
However, doing so doesn't mean you want to suddenly start using them.
Add in a check similar to the fedora yum/dnf check that sets apt as the
pkg_mgr if the ansible_os_family is Debian.
When creating a new account, check to see if the expiration parameter is negative and pass in the appropriate parameter. Since the negative integer passed into expires is converted to time.struct_time which in turn gets converted to a formatted time string when passed to the underlying command, a -1 or large negative number would result in passing a date before 1970-01-01 to the underlying command.
This had the opposite effect of creating an account with no expiration account resulting in a newly created account that was already expired, or just throwing an error on certain systems.
(cherry picked from commit df335d91b0)
* fixes parameters via environment variables, issue #44163
(cherry picked from commit 2c84022b20)
* including test case using environment variables as per issue #44163
(cherry picked from commit eaaada25c7)
* including missing environment variable in shared documentation fragement, related to issue #44163
(cherry picked from commit e97d2e7ed1)
* added changelog
* yml fix
This also allows the test to run on newer containers by not
manipulating any of the pre-configured repositories.
(cherry picked from commit cac51e6da8)
* inventory plugins: add test about config API usage (#41888)
* Check get_option method works with inventory plugins
This use case is already tested by some cloud inventoty plugin but
these tests are slow and aren't always executed, hence this new quick
test.
* AnsiblePlugin: Fix typo in docstring
(cherry picked from commit 06f5e49dfb)
* Update aliases
This allows the use of variables in vars_prompt fields but allows variables entered in the prompt to affect play vars rather than throwing an undefined error.
Add tests for vars_prompt
(cherry picked from commit 6d38167d49)
* openvswitch_db : Handle column value conversion and idempotency in no_key case (#43869)
* change column value to string. handle idempotency in no key case
* fix unit test failures in baseline
(cherry picked from commit 8eaebf86b6)
* change column value to string. handle idempotency in no key case
* service tests: check that daemon is really running
(spoiler: it isn't)
* service tests: add PIDFile directive in systemd unit
* service tests: check 'changed' too
* service tests: fix indentation & use changed test
* service tests: #16694 has been fixed a long time ago
* service tests: refactor
- always execute cleaning tasks
- move tests tasks in a dedicated file
* service tests: add test for #42786
* service tests: display value of ansible_service_mgr
* service tests: allow to run tests twice in a row
stop & disable ansible test service
* service tests: 'pattern' value must be a substring
'pattern' parameter is poorly named
* service tests: check ansible_test service status
* service tests: test daemon must handle SIGHUP
because 'initctl reload' sends SIGHUP, otherwise test daemon stops when
receiving the signal
* service tests: remove upstart override file too
and check that files were removed using raw module and stat command
(cherry picked from commit c5f37f6bd6)
* Only report change when home directory is different
Add tests with home: parameter
Have to skip macOS for now since there is a bug when specifying the home directory path for an existing user that results in a module failure. That needs to be fixed in a separate PR.
(cherry picked from commit 0ca61e9d87)
* win_user: use different method to validate credentials that does not rely on SMB/RPC
* Use Add-Type as SetLastError on .net reflection not working on 2012 R2
(cherry picked from commit 04431216e7)
* Update Shippable integration test groups.
* Update integration test group aliases.
* Rebalance AWS and Azure tests with extra group.
* Rebalance Windows tests with another group.
(cherry picked from commit 4e489d1be8)
* [2.6] Update ios tests (#42509)
* 192.168.0.1/24 conflicts with management IP
* Images don't have the hostnames we expect
(cherry picked from commit 399d13d)
Co-authored-by: Nathaniel Case <this.is@nathanielca.se>
* ios test cleanup pt 2 (#42570)
* Remove local from ios_config to avoid needing to add provider
* ios_smoke should test all with local to pick up the slack
(cherry picked from commit 381263ad99)
* Use separate variables for stdin and stdout file descriptors
* Do not set stdout to raw mode when output is not a TTY
(cherry picked from commit 1d1595b990)
Martin Krizek