CVE-2017-7481
Lookup returns wrap the result in unsafe, however when used through the
standard templar engine, this does not result in the jinja2 environment being
marked as unsafe as a whole. This means the lookup result looses the unsafe
protection and may become simple unicode strings, which can result in bad
things being re-templated.
This also adds a global lookup param and cfg options for lookups to allow
unsafe returns, so users can force the previous (insecure) behavior.
The makefile in docs/api/ had a top level check for the
'sphinx-build' tool, but the check was getting triggered
on 'make clean' when it is not needed and causing 'make rpm'
and similar builds to fail.
So this commit removes the check.
Fixes#24163
Output of `yum check-update` can contain lines with long package names and long
repository label names, which will be broken into multiple lines, which need to
be sanitized. The solution to this has been fixed and refactored in 2.3 in form
of parse_check_update(), but it still contains subtle bug, which makes such
multi-lines invisible to later logic (such packages aren't included in
parse_check_update()) output. The problem is caused by using '\1' in re.sub(),
instead of proper r'\1', which literally puts unicode symbol \1 into resulting
output.
ssh-keyscan isn't very verbose about errors. Give the user whatever
information we have available even if it isn't much. At least they will
know how we were running ssh-keyscan and why there's an error now.
Fixes#19440
Use the default repr of AnsibleVaultEncryptedUnicode.data instead
of a custom one, since jinja templating ends up using the repr()
results.
Fixes#23846, #24175
os_quota checks the current quotas for compute, network and volume
services and fails when no volume service is found in the catalog.
Since openstack test deployments without volume services are common
os_quota shouldn't fail if such service is missing.
Fixes#23085
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
This allow users to write better playbooks by replacing
- shell: dnf autoremove -y
with
- dnf: autoremove=yes
Fixes#18815
Signed-off-by: Alberto Murillo Silva <alberto.murillo.silva@intel.com>
Fix adds correct warning after deleting Windows User.
Also, adds modular function to get group
Fixes https://github.com/ansible/ansible/issues/24190
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* ansible-doc -s is supposed to output a sample snippet of how you could
add the module into a playbook. These changes update the style:
* Use yaml mappings instead of key=value
* Use the module name directly instead of action: modulename
* Fixes a bug when displaying option descritpions which are yaml strings
instead of lists.
This fixes in code the bad formatting reported in #24201
Matt Clay