Commit graph

12934 commits

Author SHA1 Message Date
kubilus1
bcfab26d78 Unchecked index causes IndexError. 2016-12-08 11:34:04 -05:00
Jasper Lievisse Adriaanse
3a319b9a84 support for 'update_cache' in pkgin module 2016-12-08 11:34:04 -05:00
Michael Scherer
971b570b67 Do not leak passwords in case of error in cloudstack modules 2016-12-08 11:34:04 -05:00
Jonathan Mainguy
4b948af706 Enable stdout and stderr on sucessful runs, making show_diff useable
omit color symbols as ansible makes them illegible
2016-12-08 11:34:04 -05:00
Brian Beggs
75b172c706 hipchat api v2 rooms are now url escaped 2016-12-08 11:34:04 -05:00
Aaron Brady
7e1a538b93 Add to_destination parameter 2016-12-08 11:34:04 -05:00
Vlad Gusev
317fe95be0 system/puppet: add --tags parameter (#1916)
* system/puppet: add --tags parameter

--tags [1] is used to apply a part of the node’s catalog.

In puppet:
puppet agent --tags update,monitoring

In ansible:
puppet: tags=update,monitoring

[1] https://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#restricting-catalog-runs

* Add example of tag usage.

* system/puppet: add list type for a tags dict.
2016-12-08 11:34:03 -05:00
Michael Scherer
817335ae0d Client_secret is supposed to be kept secret, so mark it as no_log (#1995) 2016-12-08 11:34:03 -05:00
nitzmahone
bd3172b2e8 win_updates fix to use documented InstanceGuid property name 2016-12-08 11:34:03 -05:00
nitzmahone
e20eac089f win_updates shouldn't install hidden updates 2016-12-08 11:34:03 -05:00
Michael Scherer
e7e1a8bfea Avoid token leak by marking it as sensitive with no_log (#1966) 2016-12-08 11:34:03 -05:00
Michael Scherer
ed69d8335e Properly label path argument with type='path' (#1940) 2016-12-08 11:34:03 -05:00
Michael Scherer
b8706a1f95 Do not leak mail password by error 2016-12-08 11:34:03 -05:00
Michael Scherer
0dd3296ddd Mark password as 'no_log', to avoid leaking it 2016-12-08 11:34:03 -05:00
Rob
b93fda8573 Updated Amazon module guidelines regarding boto3
* Updated Amazon module guidelines regarding boto3

* Spelling correction
2016-12-08 11:34:03 -05:00
Andy Baker
c0d281e290 type should be 'list' not the default of 'string' 2016-12-08 11:34:03 -05:00
Evgeni Golov
1847f19e41 don't create world-readable archives of LXC containers
with the default umask tar will create a world-readable archive of the

container, which may contain sensitive data

Signed-off-by: Evgeni Golov <evgeni@golov.de>
2016-12-08 11:34:03 -05:00
Michael Scherer
3b79c1621b Prevent password leaks in notification/irc 2016-12-08 11:34:03 -05:00
Michael Scherer
67b2623e92 Use no_log=True for campfire module to avoid leaks 2016-12-08 11:34:03 -05:00
Michael Scherer
f2bf444395 Set no log for jabber.py password 2016-12-08 11:34:03 -05:00
Evgeni Golov
16b2d85d34 do not use a predictable filenames in the LXC plugin
* do not use a predictable filename for the LXC attach script

* don't use predictable filenames for LXC attach script logging

* don't set a predictable archive_path

this should prevent symlink attacks which could result in

* data corruption

* data leakage

* privilege escalation
2016-12-08 11:34:03 -05:00
Michael Scherer
f47a756c46 Add proper type to cpanm arguments
from_path, locallib, executable should be path to benefits
from path expansion for ~user.
2016-12-08 11:34:03 -05:00
Chulki Lee
432a9a31ca osx_defaults: fix datetime
Fix #1742
2016-12-08 11:34:02 -05:00
Matt Martz
c8bd27f1e8 Rebase PRs against $TRAVIS_BRANCH before performing tests 2016-12-08 11:34:02 -05:00
mo@oclab.net
20fd04b9e7 firewalld: fixes documentation
- removes warning, aligning to existing documentation
- adds version
2016-12-08 11:34:02 -05:00
mo@oclab.net
8b2d484032 firewalld: add/remove interfaces to/from zones 2016-12-08 11:34:02 -05:00
David Hocky
aabd6390d4 fix dscp marking documentation in iptables module 2016-12-08 11:34:02 -05:00
Evgeni Golov
88d8820f1b explicitly set "default: null" in the docs 2016-12-08 11:34:02 -05:00
Evgeni Golov
e1846d2e4b do not set a default config for lxc containers
otherwise deploying user-containers fail as these require information
from ~/.config/lxc/default.conf that the LXC tools will load if no
--config was supplied

Signed-off-by: Evgeni Golov <evgeni@golov.de>
2016-12-08 11:34:02 -05:00
Chris Porter
2b8b04638d fix security vulnerability in lxc module
octal/decimal confusion makes file world-writable before executing it
2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
e3d8facc7f fixxed tests 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
c82d72e12a fixed problems related to userpricincipalname (user@domain) and undefined variables fixed variable capitalization 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
186197397c fixxed problem with match @ 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
9ba30d2cea only call set-acl if necessary 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
700ca56c61 as suggested by @marcind, convert to boolean 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
404483ea83 fixed documentation 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
de4a271dd0 added userprincipal support 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
65d5658553 added separate module to change owner, since win_acl is ACL only and should not be more complex 2016-12-08 11:34:02 -05:00
Marcos Diez
1aec0a3ffb mongodb_user.py: changes on comments 2016-12-08 11:34:01 -05:00
Marcos Diez
37ba9a3fe1 mongodb_user: fix checking if the roles of an oplog reader user changed 2016-12-08 11:34:01 -05:00
Guillaume Dufour
dc83f2c6d7 use python fallback to avoid error on old mongo version without roles 2016-12-08 11:34:01 -05:00
Guillaume Dufour
467d9a8090 avoid problem with old mongo version without roles 2016-12-08 11:34:01 -05:00
Guillaume Dufour
b07e1c13f7 fix #1731 : mongodb_user always says changed 2016-12-08 11:34:01 -05:00
John Barker
d20b7ee6e6 restore version_added in dynamodb_table.py 2016-12-08 11:34:01 -05:00
Matt Hite
846a538648 Allow port 0 as a valid pool member port 2016-12-08 11:34:01 -05:00
Jason Witkowski
48931065e5 The current module supporting F5 BIGIP pool creation does not support a setup where the port number must be zero to signify the pool will listen on multiple ports. This change implements that functionality and fixes an illogical conditional. 2016-12-08 11:34:01 -05:00
Michael Scherer
a21ab5b990 Use type='path' for reposdir, since that's a path 2016-12-08 11:34:01 -05:00
Rene Moser
051b11b983 openstack: doc: add return doc, fixes build 2016-12-08 11:34:01 -05:00
Paul Seiffert
48223fd268 Allow Datadog metric alerts to define multiple thresholds 2016-12-08 11:34:01 -05:00
David Shrewsbury
33d3616bab Add OpenStack os_user_role module 2016-12-08 11:34:01 -05:00