Check module_path permissions when creating ssh_wrapper for git

If the module directory is not writable/executable to the current user (most likely because of a sudo to a non-root user), the ssh_wrapper will be created in the default location for mkstemp() calls. To facilitate the deletion of these new files, a new mechanism for cleaning up files created by the module was also added. Fixes #7375
2014-05-13 13:52:38 -05:00 · 2014-05-13 13:52:38 -05:00 · 31250905e9
commit 31250905e9
parent 5ae08e1699
1 changed files with 10 additions and 1 deletions
--- a/source_control/git
+++ b/source_control/git
@ -181,7 +181,15 @@ def get_submodule_update_params(module, git_path, cwd):

 def write_ssh_wrapper():
    module_dir = get_module_path()
+    try:
+        # make sure we have full permission to the module_dir, which
+        # may not be the case if we're sudo'ing to a non-root user
+        if os.access(module_dir, os.W_OK|os.R_OK|os.X_OK):
            fd, wrapper_path = tempfile.mkstemp(prefix=module_dir + '/')
+        else:
+            raise OSError
+    except (IOError, OSError):
+        fd, wrapper_path = tempfile.mkstemp()
    fh = os.fdopen(fd, 'w+b')
    template = """#!/bin/sh
 if [ -z "$GIT_SSH_OPTS" ]; then
@ -505,6 +513,7 @@ def main():
    if key_file or ssh_opts:
        ssh_wrapper = write_ssh_wrapper()
        set_git_ssh(ssh_wrapper, key_file, ssh_opts)
+        module.add_cleanup_file(path=ssh_wrapper)

    # add the git repo's hostkey 
    if module.params['ssh_opts'] is not None: