Commit graph

7903 commits

Author SHA1 Message Date
Michael Scherer
3385bf5ef2 Do not leak mail password by error 2016-04-07 08:59:11 -04:00
Michael Scherer
c215bff12e Mark password as 'no_log', to avoid leaking it 2016-04-07 08:58:15 -04:00
Rob
84f2aa6167 Updated Amazon module guidelines regarding boto3
* Updated Amazon module guidelines regarding boto3

* Spelling correction
2016-04-06 09:37:52 -04:00
Andy Baker
204b4bab56 type should be 'list' not the default of 'string' 2016-04-04 14:18:00 -04:00
Evgeni Golov
6bfd2846f8 don't create world-readable archives of LXC containers
with the default umask tar will create a world-readable archive of the

container, which may contain sensitive data



Signed-off-by: Evgeni Golov <evgeni@golov.de>
2016-04-04 11:28:22 -04:00
Michael Scherer
719b9b229b Prevent password leaks in notification/irc 2016-04-04 09:31:12 -04:00
Michael Scherer
95e07d2f51 Use no_log=True for campfire module to avoid leaks 2016-04-04 09:18:34 -04:00
Michael Scherer
b5333ba08c Set no log for jabber.py password 2016-04-04 09:14:56 -04:00
Evgeni Golov
7c3999a92a do not use a predictable filenames in the LXC plugin
* do not use a predictable filename for the LXC attach script

* don't use predictable filenames for LXC attach script logging

* don't set a predictable archive_path



this should prevent symlink attacks which could result in

* data corruption

* data leakage

* privilege escalation
2016-04-02 01:20:42 -07:00
René Moser
f710908574 Merge pull request #1915 from mscherer/fix_cpanm
Add proper type to cpanm arguments
2016-04-02 08:48:50 +02:00
Chulki Lee
f3c168594a osx_defaults: fix datetime
Fix #1742
2016-04-01 20:45:33 -04:00
Matt Martz
154afa7dc1 Merge pull request #1943 from sivel/rebase-prs
Rebase PRs against $TRAVIS_BRANCH before performing tests
2016-04-01 14:15:12 -05:00
Matt Martz
d4c73059fe Rebase PRs against $TRAVIS_BRANCH before performing tests 2016-04-01 13:50:22 -05:00
René Moser
daddc7caf4 Merge pull request #1478 from m0/firewalld_interface
Extends firewalld module with ability to add/remove interfaces to/from zones
2016-04-01 13:35:47 +02:00
René Moser
78b6645d10 Merge pull request #1937 from Comcast/fix/iptables_dscp_docs
fix dscp marking documentation in iptables module
2016-04-01 13:30:01 +02:00
René Moser
fb3d584abd Merge pull request #1933 from evgeni/no-lxc-default.conf
do not set a default config for lxc containers
2016-04-01 13:29:04 +02:00
Evgeni Golov
185bcbd8f7 explicitly set "default: null" in the docs 2016-04-01 11:04:35 +02:00
René Moser
e94f28771b Merge pull request #1936 from retropc/devel
fix security vulnerability in lxc module
2016-04-01 07:43:23 +02:00
Matt Davis
7ce47aff79 Merge pull request #1117 from h0nIg/devel_win_owner
win_owner to change owner
2016-03-31 15:45:34 -07:00
David Hocky
031f98e86c fix dscp marking documentation in iptables module 2016-03-31 18:37:37 -04:00
René Moser
83a835925e Merge pull request #1737 from Dufgui/devel
fix #1731 : mongodb_user always says changed
2016-04-01 00:24:22 +02:00
Chris Porter
da84e2e9b8 fix security vulnerability in lxc module
octal/decimal confusion makes file world-writable before executing it
2016-03-31 22:55:44 +01:00
René Moser
8afaa69e21 Merge pull request #1935 from bob-smith/dynamodb_tableversion
restore version_added in dynamodb_table.py
2016-03-31 21:42:17 +02:00
John Barker
950e2d9484 restore version_added in dynamodb_table.py 2016-03-31 20:15:32 +01:00
René Moser
1989b8ba57 Merge pull request #1931 from mhite/bigip_pool_member_port_0
Allow port 0 as a valid pool member port
2016-03-31 19:21:22 +02:00
René Moser
3498cd2eae Merge pull request #1927 from jwitko/devel
The current module supporting F5 BIGIP pool creation does not support…
2016-03-31 10:50:35 +02:00
Brian Coca
2a09b7a582 Merge pull request #1932 from mscherer/fix_yum_repos
Use type='path' for reposdir, since that's a path
2016-03-30 13:03:41 -07:00
Michael Scherer
d9b8043b4a Use type='path' for reposdir, since that's a path 2016-03-30 21:49:58 +02:00
Matt Hite
8a27e785db Allow port 0 as a valid pool member port 2016-03-30 09:29:34 -07:00
Evgeni Golov
71b0067aa6 do not set a default config for lxc containers
otherwise deploying user-containers fail as these require information
from ~/.config/lxc/default.conf that the LXC tools will load if no
--config was supplied

Signed-off-by: Evgeni Golov <evgeni@golov.de>
2016-03-30 17:08:42 +02:00
René Moser
282221e5a0 Merge pull request #1928 from resmo/fix/build-os-user-role
openstack: doc: add return doc, fixes build
2016-03-30 13:00:19 +02:00
Rene Moser
25d7126852 openstack: doc: add return doc, fixes build 2016-03-30 12:56:20 +02:00
René Moser
ab656bb7dd Merge pull request #1866 from Jimdo/monitor_thresholds
Allow Datadog metric alerts to define multiple thresholds
2016-03-30 12:09:12 +02:00
René Moser
6c8f01dd5f Merge pull request #1911 from Shrews/os_user_role
Add OpenStack os_user_role module
2016-03-30 12:00:43 +02:00
Jason Witkowski
b7dad3494e The current module supporting F5 BIGIP pool creation does not support a setup where the port number must be zero to signify the pool will listen on multiple ports. This change implements that functionality and fixes an illogical conditional. 2016-03-29 17:01:52 -04:00
Brian Coca
7ef09ac889 Merge pull request #1919 from mscherer/fix_portage
Use boolean instead of "yes" + choice for most option
2016-03-28 07:05:10 -07:00
Michael Scherer
9853caa536 Use boolean instead of "yes" + choice for most option
This enable a more standard behavior with others modules
2016-03-28 09:14:57 +02:00
Brian Coca
6962f8af62 Merge pull request #1918 from mscherer/fix_pkgng
Use type 'path' for rootdir, for pkgng
2016-03-27 13:32:30 -07:00
Michael Scherer
2e8cd5cd74 Use type 'path' for rootdir, for pkgng 2016-03-27 21:08:05 +02:00
Michael Scherer
c226314770 Add proper type to cpanm arguments
from_path, locallib, executable should be path to benefits
from path expansion for ~user.
2016-03-26 09:19:47 +01:00
René Moser
2d481c93ee Merge pull request #1913 from mgruener/cloudflare-dns-test-fixes
Cloudflare dns test fixes
2016-03-26 09:09:55 +01:00
René Moser
241dba1ee7 Merge pull request #1555 from LuckyGeck/devel
Added reject_with and uid_owner support to iptables module
2016-03-25 23:01:39 +01:00
René Moser
efbb66adbb Merge pull request #1748 from thelan/patch-zabbix-httpauth
Add auth basic support on Zabbix modules (Fixes #1647)
2016-03-25 22:52:08 +01:00
Michael Gruener
46cebbb83d cloudflare_dns: Cosmetic cleanup 2016-03-25 21:08:25 +01:00
Michael Gruener
9db7e2a455 cloudflare_dns: normalize return value and docs 2016-03-25 21:04:19 +01:00
David Shrewsbury
6bcd3d624b Add OpenStack os_user_role module 2016-03-25 15:03:30 -04:00
Michael Gruener
82989ce473 cloudflare_dns: Cleanup record update handling 2016-03-25 19:41:18 +01:00
Michael Gruener
71961134be cloudflare_dns: Allow CNAME content updates 2016-03-25 19:19:11 +01:00
Julien Recurt
cd1114a2bd Add option to use ZabbixApi via auth basic protection 2016-03-25 19:00:17 +01:00
Michael Gruener
396d44c4b3 cloudflare_dns: Fix solo SRV record creation 2016-03-25 18:23:52 +01:00