Commit graph

288 commits

Author SHA1 Message Date
Daniel Shepherd
1a4604361f pamd: add delete=False to NamedTemporaryFile() (#47281)
* add delete=False to NamedTemporaryFile and remove print statement from module

* add changelog fragment

* use module.tmpdir from (#47133) and add changelog fragment for it as well

(cherry picked from commit c67ab296bb)
2018-10-22 20:09:44 -07:00
Martin Krizek
b618339c32 2.7: user: do not pass ssh_key_passphrase on cmdline (#47445)
* user: do not pass ssh_key_passphrase on cmdline

CVE-2018-16837

Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
(cherry picked from commit a0aa53d1a1)

* Ignore user module use of subprocess.

(cherry picked from commit 8d00afc013)

* Fix python3 problem in user module cve fix

(cherry picked from commit 9088671c4e)

* Fix changelog entry for user module CVE fix

(cherry picked from commit 210a43ebeb)
2018-10-22 19:59:34 -07:00
Adam Miller
b14c45a16c Handle dnf immutable mutable datatypes (#47434)
* Handle dnf immutable mutable datatypes

In DNF < 3.0 are lists, and modifying them works
In DNF >= 3.0 < 3.6 are lists, but modifying them doesn't work
In DNF >= 3.6 have been turned into tuples, to communicate that
modifying them doesn't work

Further explanation of this is available via Adam Williamson from
the Fedora QA Team.

    https://www.happyassassin.net/2018/06/27/adams-debugging-adventures-the-immutable-mutable-object/

Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit 70025e7b56)

* add backport changelog

Signed-off-by: Adam Miller <admiller@redhat.com>
2018-10-22 19:11:45 -07:00
Toshio Kuratomi
7812c065f4 Revert "Fix prompt mismatch issue for ios (#47004)"
This reverts commit 17cd01589a.

This commit was not passing CI.  Reverting
2018-10-22 18:33:58 -07:00
Dag Wieers
44ae37d78b mail: Fix regression when sending mail without SSL (v2.7) (#47019)
* mail: Fix regression when sending mail without SSL (v2.7)

When this module was refactored in #37098 the non-SSL use-case was broken.

The main cause is that we have no way to do integration tests for testing SMTP.

This is a back-port to v2.7 of #46403

* Add changelog fragment
2018-10-22 16:45:21 -07:00
Matt Martz
0e933f76ba [stable-2.7] Handle sets differently than lists in wrap_var. Fixes #47372.
(cherry picked from commit c58de75f38)

Co-authored-by: Matt Martz <matt@sivel.net>
2018-10-22 16:32:26 -07:00
Pablo
ce16286dee [stable-2.7] Fix exception when including tasks from handlers (#47307)
Set _notified_handlers for the task's _uuid that is run as a handler

Fix #47287
(cherry picked from commit 6497049)

Co-authored-by: Pablo <pablorf.dev@outlook.com>
2018-10-22 15:52:54 -07:00
Ganesh Nalawade
17cd01589a Fix prompt mismatch issue for ios (#47004)
* Fix prompt mismatch issue for ios

Fixes #40884 #44463

*  If the command prompt is matched check if data is
   still pending to be read from buffer.
*  This fix adds a new timer `buffer_read_timeout`
   which will be trigerred after command prompt
   is matched and data is attempted to be read from channel.
   If not data is present of channel the timer will expire
   and response we be returned to calling function.

* Fix unit test failure

* Update to make buffer timeout float

* Update doc and fix review comment

* Fix CI issues

* Update doc

* Fix review comments

* Update changelog

(cherry picked from commit 335a979f1d)
2018-10-22 15:47:15 -07:00
Martin Krizek
57c25636d8 2.7: yum/dnf: fail when space separated string of names (#47109) (#47414)
* yum/dnf: fail when space separated string of names (#47109)

* yum/dnf: fail when space separated string of names

* Groups allow spaces in names

(cherry picked from commit e8b6864e21)

* Add changelog
2018-10-22 15:46:12 -07:00
Jonathan Oddy
d130c166ad Fix AWS EC2 inventory plugin caching of groups (#46961)
* Fix AWS EC2 inventory plugin caching of groups

* Added changelog fragment for aws_ec2 caching fix

* Store the AWS query results

The underlying inventory object contains inventory from other sources,
so caching it as ours would be wrong.
It seems easiest and safest to just cache the boto query results
instead.

* Remove unused functions

(cherry picked from commit 7ba09adee1)
2018-10-22 11:59:50 -07:00
Dag Wieers
5a0e016b4b psexec: Handle socket errors (Connection timeout) (Backport) (#47407)
* psexec: Handle socket errors (Connection timeout)

This ensures we get a nicer error message from psexec.

* Add changelog fragment
2018-10-22 11:34:25 -07:00
Jordan Borean
a636562818 psexec: better error on import failure (#47327)
(cherry picked from commit 013c44484a)
2018-10-22 10:41:19 -07:00
Felix Fontein
69568b4ca8 [2.7] docker_container: fix memory_swappiness documentation (#47378)
* Documentation for docker_container: fix documentation for memory_swappiness. Default value will not equal 0, it will be inherited from the host machine (#47296)


(cherry picked from commit 4c2efa4b67)

* Add changelog.
2018-10-22 10:40:27 -07:00
Nathaniel Case
7d936c12fd [2.7] Update some cliconf plugins (#47141) (#47310)
* [2.7] Update some cliconf plugins (#47141)

* Add `check_all` to many community cliconf plugins
(cherry picked from commit 7844a40)

Co-authored-by: Nathaniel Case <this.is@nathanielca.se>

* Add changelog entry
2018-10-22 10:35:27 -07:00
Matt Martz
f1db8985e3 [stable-2.7] Don't use the task for a cache, return a special cache var (#47243)
* Don't use task to cache loop results, use hostvars. Fixes #47207

* Avoid a race condition, supply _ansible_loop_cache through get_vars directly

* Add tests

* Add changelog fragment

* Remove unnecessary copy

* Remove unnecessary host from _get_delegated_vars signature.
(cherry picked from commit 77d32b8f57)

Co-authored-by: Matt Martz <matt@sivel.net>
2018-10-22 10:33:19 -07:00
Martin Krizek
46c217feda Do not strip new lines in native jinja (#46751)
* Do not strip new lines in native jinja

* Add changelog/fragment

(cherry picked from commit 541255a2d8)
2018-10-22 09:47:45 -07:00
Felix Fontein
f7c5c466be Add changelog. 2018-10-22 09:44:30 -07:00
Per-Henrik Lundblom
d82c5fb55f [aws] ec2_vol_facts: only access volume tags when set (#46801)
(cherry picked from commit e744c83808)
2018-10-22 09:06:14 -07:00
Jordan Borean
7690659f7f openss: fix various test and Python 3 issues (#47188)
(cherry picked from commit 6666b070a9)
2018-10-22 08:59:23 -07:00
Dani Hodovic
28ed7f722e docker_service: parse scale parameter correctly to 2.7 (#47239)
* fix: Parse docker_service scale parameter to int (#45508)

* Changelog: add fragment for docker_service scale fix
2018-10-22 08:58:18 -07:00
Fran Fitzpatrick
24d7ccd182 Backport: junos terminal regex prompt fix to v2.7 (#47203)
* Fix junos terminal regex (#47096)

Fix junos stdout regex

Change at hing

(cherry picked from commit fc341e01fa)

* Changelog: adds fragment for junos fix terminal
prompt regex

* Proper yaml formatting
2018-10-22 08:38:12 -07:00
Jordan Borean
20fc17a55f postgresql_user: fix test errors on newer Fedora versions (#47166)
(cherry picked from commit dd46f953f6)
2018-10-22 08:37:32 -07:00
Matt Martz
20c1cf41a4 [stable-2.7] Use the copied and merged task for calculating task vars in the free strategy. Fixes #47024 (#47060)
(cherry picked from commit c3d5779)

Co-authored-by: Matt Martz <matt@sivel.net>
2018-10-22 08:36:00 -07:00
Brian Coca
b2381cfac9 fixes to ansible-doc (#47209)
* Adoc fixes (#47137)
* removed hardcoded loader/plugins list
* updated a few errors to keep orig object
* fix httpapi/cliconf listing
* ansible-doc fixes
* show undocumented as UNDOCUMENTEd
* added missing undoc

(cherry picked from commit fce9673ac1)

* An earlier optimization of ansible-doc -l caused failures. (#47012)
The optimization quickly searches the plugin code for short_description
fields and then uses that in the -l output.  The searching was a bit too
naive and ended up pulling out malformed yaml.  This caused those
plugins to be omitted from the list of plugins of that type with
a warning that their documentation strings were wrong.

This change makes the documentation parser aware that the documentation
string could have a relative indent for all of its fields which makes it
robust in the face of this particular problem.

* Don't search for space after short_description:

Any whitespace would be valid.  In particular newline

(cherry picked from commit 61ae6424a3)
2018-10-17 11:40:02 -05:00
Jonathan Oddy
60e7f43998 [stable-2.7] Restore SIGPIPE handler to DFL on POpen
Python sets the SIGPIPE handler to SIG_IGN. On execv() signal handlers are
reset to their defaults, EXCEPT those that are SIG_IGN which are left ignored.
In Python 3 subprocess.popen explicitly resets the SIGPIPE handler to SIG_DFL,
but unfortunately in Python 2.7 it does not. This leads to subprocesses being
executed with SIGPIPE ignored. This is often a problem with bash scripts which
rely on SIGPIPE to terminate commands in a pipe, but can easily be a problem
with other applications.

This implements the Python 3 behaviour for Python 2.7 by using a preexec_fn.
(cherry picked from commit f2dccb9)

Co-authored-by: Jonathan Oddy <jonathan.oddy@transferwise.com>
2018-10-15 10:54:04 -07:00
Ganesh Nalawade
da07b58c3b Fix in confirmed_commit capability in netconf_config modules (#46964)
* Fix in confirmed_commit capability in netconf_config modules

Fixes #46804

*  If confirm value is greater than zero or confirm_commit option is set and confirmed-commit
   capability is not supported but Netconf server only in that case fail the module

* Update confirm-commit flag

* Update changelog

(cherry picked from commit 5394638047)
2018-10-15 10:06:45 -07:00
Gustavo Muniz do Carmo
977f094741 Fix iterator to list conversion in ldap_entry module
PR #45778 fixes #45417

(cherry picked from commit 7a747341fb)
2018-10-15 10:05:55 -07:00
Zim Kalinowski
f16bb4daf4 Fixing assigning ssl certificate to http listener in app gateway (#45… (#46027)
* Fixing assigning ssl certificate to http listener in app gateway (#45830)

* fixed ssl certificate reference

* modified test

(cherry picked from commit 83645963fb)

* added chagelog
2018-10-15 09:57:02 -07:00
Brian Coca
e841e7b53d use ansible json encoder for results in callbacks (#46830)
* use ansible json encoder for results in callbacks

(cherry picked from commit 643ff29d2d)
2018-10-12 12:41:39 -07:00
Brian Coca
97a3e59ce8 better information for user from inventory plugins (#46766)
* better information for user from inventory plugins

 - use foreman as example



(cherry picked from commit 9e0c2a658f)
2018-10-12 10:38:57 -07:00
Matt Martz
30c1a1933e [stable-2.7] Do not use mutable defaults in FieldAttribute, instead allow supplying a callable for defaults of mutable types. Fixes #46824 (#46833).
(cherry picked from commit a06a5ded61)

Co-authored-by: Matt Martz <matt@sivel.net>
2018-10-12 10:38:38 -07:00
Peter Oliver
dcc37b6eb9 Locate prtdiag even when absent from /usr/bin (#44113)
* Locate prtdiag even when absent from /usr/bin

On Solaris 8 hosts, this prevents fact collection from aborting with:

    Argument 'args' to run_command must be list or string

* Lint fix.

* Style: pass /usr/platform/.../sbin as optional path to get_bin_path().

(cherry picked from commit 40fb992a6f)
2018-10-12 10:34:51 -07:00
Abhijeet Kasurde
c982295f6c VMware: Refactor disc logic (#39285)
* Refactoring related to network device
* Assign unique random temporary key while creating SCSI or/and IDE controller devices
* Add testcase for this change

Fixes: #38679

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
(cherry picked from commit fd985db72d)
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
2018-10-12 10:32:51 -07:00
Dominik Holler
9a2e192e8a Fix os_router ignores enable_snat: no (#45921)
If enable_snat is False, this should be used to build the
request, because the default value in the OpenStack Networking
API is True.

Fixes the issue #45915.

(cherry picked from commit 452a4ab781)
2018-10-12 10:30:58 -07:00
Adam Miller
f5df17ca51 yum module properly check for None config_file (#46641) (#46820)
* yum module properly check for None config_file (#46641)

* yum module properly check for None config_file
* add conf_file test cases to yum integration tests

Signed-off-by: Adam Miller <admiller@redhat.com>

(cherry picked from commit fb6e91bf98)

* add changelog for 2.7 backport

Signed-off-by: Adam Miller <admiller@redhat.com>
2018-10-11 12:16:50 -07:00
Ryan Brown
d46ed88fa3 [aws] Fix IAM role name parsing to come from the ARN (#46076)
* [aws] Change IAM role name parsing to come from the ARN (#45534)

(cherry picked from commit fe6b7f6b5d)

* Changelog
2018-10-11 09:43:14 -07:00
Adam Miller
4fe7671d34 yum module handle list optional empty strings properly (#46634) (#46819)
* yum module handle list optional empty strings properly (#46634)

Fixes #46517

Signed-off-by: Adam Miller <admiller@redhat.com>
(cherry picked from commit ad405fc21e)

* add changelog

Signed-off-by: Adam Miller <admiller@redhat.com>
2018-10-11 09:41:04 -07:00
Brian Coca
f3b5e0359f manage levels for 'multiple included lists' (#46359)
* manage levels for 'multiple included lists'

fixes #46343

(cherry picked from commit 80d977bac6)
2018-10-11 08:48:40 -07:00
Sloane Hertel
e9d42babbf [aws_ssm_parameter_store] use describe_parameters paginator (#45632) (#45666)
* [aws_ssm_parameter_store] use describe_parameters paginator (#45632)

Fix the service reaching an internal limit while processing the results and returning unexpected data
(cherry picked from commit 7aaa5da41d)

* changelog
2018-10-11 08:22:36 -07:00
Andrea Tartaglia
ebc35bd79f [2.7] nmcli: backport of #42415 (#46814)
* nmcli: fix vlan connection modification Fixes #42322 (#42415)

* ensure optional items are set to empty strings rather than not presented
fix syntax of vlan modification command

* extended tests for nmcli

(cherry picked from commit fb72a5424c)

* Changelog fragment for nmcli fix
2018-10-11 07:45:11 -07:00
Ganesh Nalawade
42183e562a Fix netconf module_utils dict changed size issue (#46778)
Fixes #46755

Use list() to copy the keys of attribute dict
while iterating over attribute dict.

(cherry picked from commit 58aaf53271)

Update Changelog
2018-10-11 07:44:33 -07:00
Sam Doran
4546057fc8 Backport #46360 for 2.7 - Fix for ignore post_reboot_delay (#46510)
* win_reboot: Fix for ignore post_reboot_delay (#46360)

* win_reboot: Fix for ignore post_reboot_delay

This fixes an issue where win_reboot would be ignoring the provided
post_reboot_delay (and on Windows timing/waiting is everything!)

This must be backported to the v2.7 branch.

* Merge post-reboot handling into run()

(cherry picked from commit 8c64b4af7c)

* Add a changelog for the win_reboot fix
2018-10-11 07:42:03 -07:00
Nilashish Chakraborty
0e48544ae1 Backport 2.7: Return correct version on installed VyOS (#39115) (#46730)
* Return correct version on installed VyOS (#39115)

* Return correct version on installed VyOS

Previously existing regexp will shows only "VyOS" without numeric output of router version.
For example: from  "Version:      VyOS 1.1.6" only VyOS will be written in ansible_net_version variable
For more informative output numeric value should be returned as well

* Fixed unittests

(cherry picked from commit 235b11f681)

* Added changelog
2018-10-11 07:26:09 -07:00
Felix Fontein
4ffc75ab44 docker_container: fix problem with published_ports idempotency (#46595)
* Fix comparisons for expected_ports (set vs dict).

* Added changelog.

(cherry picked from commit c5ea3d058e)
2018-10-11 07:20:42 -07:00
Felix Fontein
10fd0251e8 docker_container: improve publish all ports functionality (#46594)
* Improve handling of published_ports: all.

* Add changelog.

(cherry picked from commit 8afe46dc02)
2018-10-11 07:20:42 -07:00
Daniel Jakots
a0f38bdab5 Register missing parameter reboot_timeout (#46585)
(cherry picked from commit 753711cd12)
2018-10-09 18:25:58 -07:00
Vlad Mencl
83194a0a99 module/systemd: fix logic determining if a service needs to be enable… (#46318)
* module/systemd: fix logic determining if a service needs to be enabled (#46245)

* modules/systemd: fix logic: allow scope to default to 'system'

Fix logic introduced in 7ea909418e: if 'scope' param is not specified,
it defaults to system, but the value of module.params['scope'] is None,
not 'system' - so allow for that.

* modules/systemd: fix logic: disabled means disabled

Fix logic determining whether a service with both systemd and initd files is enabled or disabled.

In situations where systemd thinks service is disabled, but rc.d symlinks mark it as enabled,
this module wrongly assumes the service is enabled.

Fix this logic: disabled means disabled

Only when the output from does NOT include disabled, consider the status of rc.d symlinks.

This essentially replicates the fixes done to the systemd handling in the "service" module in 3c89a21e0c

Fixes #22303

Fixes #44409

(cherry picked from commit ef131c7556)

* backport/2.7/46245: add changelog fragment
2018-10-09 18:23:47 -07:00
Daniel Jakots
26de4f9749 Add support for OpenBSD (#46147)
(cherry picked from commit 2769a4e2cc)
2018-10-09 18:22:44 -07:00
René Moser
083d2a6ad7 [2.7] backport cs_instance fixes (#46274)
* cs_instance: doc: fix typo in examples (#46035)


(cherry picked from commit c09b785a66)

* cs_instance: fix host migration without volume (#46115)


(cherry picked from commit e7926cf9f4)

* add changelog fragment
2018-10-09 18:22:07 -07:00
Felix Fontein
c481a5bf4a [2.7] route53: fix CAA record ordering for idempotency (#46227)
* [aws] route53 module: fix idempotency for CAA records  (#46049)

* Fixing record order for CAA records to properly handle idempotency.

* Add integration tests that reproduce CAA failure

(cherry picked from commit a727a1ee67)

* Added changelog.
2018-10-09 18:21:25 -07:00