Commit graph

7924 commits

Author SHA1 Message Date
Michael Scherer
5e15cc887b Auth_toekn is a secret, shouldn't be logged (#1999) 2016-04-11 11:35:14 -04:00
Joerg Fiedler
44bfca315a add chroot flag to pkgng in order to allow installation of packages into chroot environments, e.g. jails (#1218) 2016-04-11 08:25:30 +02:00
Him You Ten
f99576749a added stdout and stderr outputs (#1900)
* added stdout and stderr outputs

Added stdout and stderr outputs of the results from composer as the current msg output strips \n so very hard to read when debugging

* using stdout for fail_json

using stdout for fail_json so we get the stdout_lines array
2016-04-11 08:21:15 +02:00
Matt Hite
0405c54dba New preserve_node parameter to skip unreferenced node removal 2016-04-11 08:00:30 +02:00
kubilus1
773d402eac Unchecked index causes IndexError. 2016-04-11 07:55:07 +02:00
René Moser
542a96f907 Merge pull request #1827 from jasperla/pkgin_update_cache
support for 'update_cache' in pkgin module
2016-04-10 22:49:31 +02:00
René Moser
31de43d306 Merge pull request #1952 from mscherer/fix_cloudstack
Do not leak passwords in case of error in cloudstack modules
2016-04-10 18:24:26 +02:00
Monty Taylor
38c8fec277 Merge pull request #1149 from Jmainguy/puppet_stdout
Enable stdout and stderr on sucessful runs, making show_diff useable
2016-04-10 08:43:39 -07:00
René Moser
474baaa831 Merge pull request #1981 from macdiesel/macdiesel/urlencode-hipchat-api-path
Escape room name in hipchat api v2 urls
2016-04-10 11:57:01 +02:00
René Moser
fc79c8820e Merge pull request #1971 from insom/devel
Add `to_destination` parameter to iptables
2016-04-10 11:18:49 +02:00
Vlad Gusev
f1175693f6 system/puppet: add --tags parameter (#1916)
* system/puppet: add --tags parameter

--tags [1] is used to apply a part of the node’s catalog.

In puppet:
puppet agent --tags update,monitoring

In ansible:
puppet: tags=update,monitoring

[1] https://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#restricting-catalog-runs

* Add example of tag usage.

* system/puppet: add list type for a tags dict.
2016-04-10 11:14:48 +02:00
Michael Scherer
197ee8bef4 Client_secret is supposed to be kept secret, so mark it as no_log (#1995) 2016-04-09 23:33:11 -07:00
nitzmahone
5abb914315 win_updates fix to use documented InstanceGuid property name 2016-04-07 17:38:38 -07:00
nitzmahone
93db039783 win_updates shouldn't install hidden updates 2016-04-07 17:38:37 -07:00
Michael Scherer
bc198cc33a Avoid token leak by marking it as sensitive with no_log (#1966) 2016-04-07 12:47:57 -04:00
Michael Scherer
7120fb4b01 Properly label path argument with type='path' (#1940) 2016-04-07 11:25:04 -04:00
Michael Scherer
3385bf5ef2 Do not leak mail password by error 2016-04-07 08:59:11 -04:00
Michael Scherer
c215bff12e Mark password as 'no_log', to avoid leaking it 2016-04-07 08:58:15 -04:00
Brian Beggs
ed35159702 hipchat api v2 rooms are now url escaped 2016-04-06 17:07:03 -04:00
Rob
84f2aa6167 Updated Amazon module guidelines regarding boto3
* Updated Amazon module guidelines regarding boto3

* Spelling correction
2016-04-06 09:37:52 -04:00
Aaron Brady
e2138c7e14 Add to_destination parameter 2016-04-06 11:30:59 +01:00
Andy Baker
204b4bab56 type should be 'list' not the default of 'string' 2016-04-04 14:18:00 -04:00
Evgeni Golov
6bfd2846f8 don't create world-readable archives of LXC containers
with the default umask tar will create a world-readable archive of the

container, which may contain sensitive data



Signed-off-by: Evgeni Golov <evgeni@golov.de>
2016-04-04 11:28:22 -04:00
Michael Scherer
719b9b229b Prevent password leaks in notification/irc 2016-04-04 09:31:12 -04:00
Michael Scherer
95e07d2f51 Use no_log=True for campfire module to avoid leaks 2016-04-04 09:18:34 -04:00
Michael Scherer
b5333ba08c Set no log for jabber.py password 2016-04-04 09:14:56 -04:00
Michael Scherer
5696e6c33a Do not leak passwords in case of error in cloudstack modules 2016-04-03 10:34:10 +02:00
Evgeni Golov
7c3999a92a do not use a predictable filenames in the LXC plugin
* do not use a predictable filename for the LXC attach script

* don't use predictable filenames for LXC attach script logging

* don't set a predictable archive_path



this should prevent symlink attacks which could result in

* data corruption

* data leakage

* privilege escalation
2016-04-02 01:20:42 -07:00
René Moser
f710908574 Merge pull request #1915 from mscherer/fix_cpanm
Add proper type to cpanm arguments
2016-04-02 08:48:50 +02:00
Chulki Lee
f3c168594a osx_defaults: fix datetime
Fix #1742
2016-04-01 20:45:33 -04:00
Matt Martz
154afa7dc1 Merge pull request #1943 from sivel/rebase-prs
Rebase PRs against $TRAVIS_BRANCH before performing tests
2016-04-01 14:15:12 -05:00
Matt Martz
d4c73059fe Rebase PRs against $TRAVIS_BRANCH before performing tests 2016-04-01 13:50:22 -05:00
René Moser
daddc7caf4 Merge pull request #1478 from m0/firewalld_interface
Extends firewalld module with ability to add/remove interfaces to/from zones
2016-04-01 13:35:47 +02:00
René Moser
78b6645d10 Merge pull request #1937 from Comcast/fix/iptables_dscp_docs
fix dscp marking documentation in iptables module
2016-04-01 13:30:01 +02:00
René Moser
fb3d584abd Merge pull request #1933 from evgeni/no-lxc-default.conf
do not set a default config for lxc containers
2016-04-01 13:29:04 +02:00
Evgeni Golov
185bcbd8f7 explicitly set "default: null" in the docs 2016-04-01 11:04:35 +02:00
René Moser
e94f28771b Merge pull request #1936 from retropc/devel
fix security vulnerability in lxc module
2016-04-01 07:43:23 +02:00
Matt Davis
7ce47aff79 Merge pull request #1117 from h0nIg/devel_win_owner
win_owner to change owner
2016-03-31 15:45:34 -07:00
David Hocky
031f98e86c fix dscp marking documentation in iptables module 2016-03-31 18:37:37 -04:00
René Moser
83a835925e Merge pull request #1737 from Dufgui/devel
fix #1731 : mongodb_user always says changed
2016-04-01 00:24:22 +02:00
Chris Porter
da84e2e9b8 fix security vulnerability in lxc module
octal/decimal confusion makes file world-writable before executing it
2016-03-31 22:55:44 +01:00
René Moser
8afaa69e21 Merge pull request #1935 from bob-smith/dynamodb_tableversion
restore version_added in dynamodb_table.py
2016-03-31 21:42:17 +02:00
John Barker
950e2d9484 restore version_added in dynamodb_table.py 2016-03-31 20:15:32 +01:00
René Moser
1989b8ba57 Merge pull request #1931 from mhite/bigip_pool_member_port_0
Allow port 0 as a valid pool member port
2016-03-31 19:21:22 +02:00
René Moser
3498cd2eae Merge pull request #1927 from jwitko/devel
The current module supporting F5 BIGIP pool creation does not support…
2016-03-31 10:50:35 +02:00
Brian Coca
2a09b7a582 Merge pull request #1932 from mscherer/fix_yum_repos
Use type='path' for reposdir, since that's a path
2016-03-30 13:03:41 -07:00
Michael Scherer
d9b8043b4a Use type='path' for reposdir, since that's a path 2016-03-30 21:49:58 +02:00
Matt Hite
8a27e785db Allow port 0 as a valid pool member port 2016-03-30 09:29:34 -07:00
Evgeni Golov
71b0067aa6 do not set a default config for lxc containers
otherwise deploying user-containers fail as these require information
from ~/.config/lxc/default.conf that the LXC tools will load if no
--config was supplied

Signed-off-by: Evgeni Golov <evgeni@golov.de>
2016-03-30 17:08:42 +02:00
René Moser
282221e5a0 Merge pull request #1928 from resmo/fix/build-os-user-role
openstack: doc: add return doc, fixes build
2016-03-30 13:00:19 +02:00