cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
6743 commits 47 branches 390 tags 440 MiB
Commit graph

713 commits

Author SHA1 Message Date
Sam Thursfield
60397fae0f Fix authorized_key module crashing when given an invalid key 
I tried a playbook with the following (accidentally wrong) task:

  tasks:
      - name: authorized key test
        authorized_key: key=/home/sam/.ssh/id_rsa.pub key_options='command="/foo/bar"' user=sam

I got the following traceback:

    TASK: [authorized key test] ***************************************************
    failed: [localhost] => {"failed": true, "parsed": false}
    Traceback (most recent call last):
    File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 2515, in <module>
        main()
    File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 460, in main
        results = enforce_state(module, module.params)
    File "/home/sam/.ansible/tmp/ansible-tmp-1427110003.65-277897441194582/authorized_key", line 385, in enforce_state
        parsed_new_key = (parsed_new_key[0], parsed_new_key[1], parsed_options, parsed_new_key[3])
    TypeError: 'NoneType' object has no attribute '__getitem__'

With this fix, I see the expected error instead:

    TASK: [authorized key test] ***************************************************
    failed: [localhost] => {"failed": true}
    msg: invalid key specified: /home/sam/.ssh/id_rsa.pub
 2015-03-23 11:51:49 +00:00
Mario Loria
30be06c971 Setting the actual passno and dump defaults, and warning user of consequences in nulling 
Using ansible 1.8.4, I found that these two options actually work slightly different than advertised.
 2015-03-11 21:36:44 -04:00
Dag Wieers
0a91ace6ad Update authorized_key.py 
Fix a (common) error in the examples. This is something that may go unnoticed during troubleshooting when copy&pasting the example.
 2015-03-05 11:42:34 +01:00
Toshio Kuratomi
939ecd33d4 In service_enable, the default of changed is True so we have to set it 
to False explicitly if it is False.

Fixes #875
 2015-03-03 11:23:35 -08:00
Carlo Mandelli
0029c960e4 Added HP-UX subclass 2015-02-27 18:32:36 +01:00
Oleg A. Mamontov
fa19753707 On FreeBSD apply 'login_class' only if there is real change. 2015-02-27 14:41:35 +03:00
Edward Larkey
4db27877bf Fix typo in authorized key module documentation. 
Added opening double quote
 2015-02-25 09:00:31 -06:00
Stefan J. Betz
dc470cc91f Create SSH Keys always after creating $HOME 2015-02-21 12:00:47 +01:00
Brian Coca
5df3058aab fix for mount w/o opts (bug introduced when fixing bind mounts) 2015-02-18 15:28:39 -05:00
Brian Coca
1bca815d37 Merge pull request #95 from Gamevy/use-insserv 
Use insserv where available
 2015-02-16 18:52:38 -05:00
Brian Coca
ed8154bdc7 Merge pull request #759 from jonhadfield/systemd_enabled_check 
use is-enabled to check systemd service status.
 2015-02-16 12:29:44 -05:00
Sébastien Gross
67ce4cf416 Add basic support for OSX groups. 2015-02-13 10:14:37 +01:00
Sébastien Gross
1555cfeea2 Add basic support for OS X (Darwin) user management. 2015-02-13 10:14:37 +01:00
Dagobert Michelsen
1f2ffb3900 Solaris SMF is already supported and should be mentioned in the docs, 2015-02-12 17:04:31 +01:00
Brian Coca
55b06568b0 added note that url src is only avaialable from 1.9 on 2015-02-12 09:31:45 -05:00
Brian Coca
b82055f021 Merge pull request #648 from bcoca/service_fix_update-rc.d 
simplified update-rc.d enable/disable handling,
 2015-02-11 21:05:25 -05:00
Toshio Kuratomi
b84f566ee7 Tabs to spaces 2015-02-11 14:05:49 -08:00
Brian Coca
8bccb27c41 Merge pull request #49 from Jmainguy/mount_bind_fix 
Fixes bind mounts for some OSs, reproduced only on debian and ubuntu
 2015-02-11 14:59:35 -05:00
Paul Geraghty
b42b0f49b9 Correct grammar of comment relating to example 2015-02-11 02:18:16 +00:00
Jesse Keating
e0c5b4340d Add exclusive option to authorized_keys 
This option allows the module to ensure that ONLY the specified keys
exist in the authorized_keys file. All others will be removed. This is
quite useful when rotating keys and ensuring no other key will be
accepted.
 2015-02-09 17:05:38 -08:00
Jon Hadfield
b20b29bd17 use is-enabled to check systemd service status. 2015-02-08 18:15:15 +00:00
Philippe ALEXANDRE
ac1a64e62f Add Linuxmint support in hostname module 2015-02-06 21:29:25 +01:00
Jesse Keating
cf0e8d62d2 Add service option to avoid failure on missing service 
This adds a must_exist option to the service module, which gives callers the
ability to be tolerant to services that do not exist. This allows for
opportunistic manipulation of a list of services if they happen to exist on the
host. While failed_when could be used, it's difficult to track all the
different error strings that might come from various service tools regarding a
missing service.
 2015-02-05 15:23:35 -08:00
Brian Coca
b9786835eb Merge pull request #554 from likwid/devel 
Added ability to use url as key source
 2015-02-04 10:20:53 -05:00
Graham Hay
17c7d9c5d5 Use insserv where available 2015-02-04 12:24:56 +00:00
Jeff Gonzalez
27c046ae79 Refactored code to use module utility fetch_url function. 2015-02-03 19:08:23 -06:00
Alexis Seigneurin
6d6e948f1e - 'name' should not be required so as to allow uninstalling a cron_file 2015-02-02 14:51:04 +01:00
Brian Coca
543c45a15f implemented account expiration as flag and not state, removed from unsupported platforms 2015-01-28 09:22:32 -05:00
Brian Coca
fc1045a1ee Merge pull request #41 from billwanjohi/add_expired_state 
user: add expired state
 2015-01-27 18:29:45 -05:00
Jeff Gonzalez
e9ae165792 Added documentation for using url as key source 2015-01-27 15:06:55 -06:00
Jonathan Armani
645e0653a3 Merge branch 'devel' into openbsd_rcctl 2015-01-23 13:01:34 +01:00
Toshio Kuratomi
4f1f8e89c9 More information about distutils on Solaris in case we run into this again 2015-01-22 21:55:27 -08:00
Toshio Kuratomi
effdba95de Merge pull request #639 from tgolly/devel 
distutils is not available on some non-Linux OS's
 2015-01-22 21:49:17 -08:00
Brian Coca
8c4b279552 Merge pull request #39 from kustodian/selinux_disable_fix 
Set selinux state to 'permissive' for state=disabled
 2015-01-22 14:52:26 -05:00
Brian Coca
d80e7438a6 Merge pull request #37 from mscherer/fix_old_7420 
Add hostname to generated user SSH key comment
 2015-01-21 18:16:05 -05:00
Brian Coca
6b784fb28a Merge pull request #675 from bcoca/sysctl_nonstrings 
now handles non string values for sysctl
 2015-01-21 10:49:47 -05:00
Ben Konrath
347234b937 Add support for SL7 to hostname module. 2015-01-20 21:50:15 +01:00
Brian Coca
f85b7ee13c now handles non string values for sysctl 2015-01-19 19:37:57 -05:00
Brian Coca
e957150f77 Merge pull request #189 from jarmani/openbsd_rcctl 
Openbsd rcctl
 2015-01-19 10:12:16 -05:00
Patrik Lundin
e8c328773a Update OpenBSD rcctl handling to use new syntax. 
See http://marc.info/?l=openbsd-cvs&m=142054488027109&w=2
 2015-01-17 12:04:41 +01:00
Tim G
8f43a0a4fe Load distutils on all platforms EXCEPT Solaris. 
Solaris doesn't ship distutils with with the default Python package.  This patch fixes "service" on Solaris since 30d6713.
 2015-01-16 10:06:36 +10:00
Brian Coca
9ac5ed2621 now allows for case in which someone removed the K* links and is trying 
to reenable a service
 2015-01-15 15:53:39 -05:00
Brian Coca
f4a709ad7c simplified update-rc.d enable/disable handling, removed forced defaults 
creation as that breaks local customizations
 2015-01-15 15:32:19 -05:00
Toshio Kuratomi
4c50fbedf4 Merge pull request #632 from mscherer/fix_uneeded_echo 
Do not use echo shell builtin for password
 2015-01-13 23:05:58 -08:00
Tim G
68b5b7be72 distutils is not available on some non-Linux OS's 2015-01-14 13:15:38 +10:00
Michael Scherer
826d313aad Do not use echo shell builtin for password 
Using \t in a password may result in a different password
being set :

    $ echo 'a\ta'
    a   a

Problem report originally found by Pilou-
( https://github.com/ansible/ansible-modules-extras/pull/198 )
 2015-01-12 19:30:07 +01:00
Brian Coca
8c8be0e48c Merge pull request #572 from jrobeson/rename-fedora-hostname-strategy 
[hostname] rename FedoraStratgy to SystemdStrategy
 2015-01-12 10:56:55 -05:00
Toshio Kuratomi
2973bac72f Clarify documented behaviour of user module's ssh_key_file parameter 
Fixes #9873
 2015-01-07 08:46:42 -08:00
sysadmin75
aa99eade7e ansible-modules-core #530 fix - Mount module does not accept spaces in mount point path 2014-12-27 20:08:25 -05:00
Johnny Robeson
50011f13d6 [hostname] rename FedoraStratgy to SystemdStrategy 2014-12-26 00:02:36 -05:00
Jeff Gonzalez
54214f83b5 Added ability to use url as key source 2014-12-22 18:22:31 -06:00
Peter Oliver
18c429d016 Fix appending to a user's group on Solaris 
Without this change, you get:
    AttributeError: 'set' object has no attribute 'extend'

Tested on a Solaris 11.2 client with the included Python 2.6.8.
 2014-12-21 20:05:17 +00:00
Toshio Kuratomi
443951ce82 Merge pull request #524 from zitterbacke/patch-1 
re-enable AIX password setting
 2014-12-16 23:38:38 -08:00
Toshio Kuratomi
67aeab9576 Merge pull request #512 from mscherer/fix_438 
Revert commit cbc417c, as the code is broken, see #438
 2014-12-16 22:46:20 -08:00
Jonathan Mainguy
541070be4c Fixed hostname for rhel5 python 2.4.3 2014-12-16 09:49:13 -05:00
zitterbacke
2e88582165 re-enable AIX password setting 
the AIX class uses a unsafe shell for setting the user password (containing a pipe in the command). This patch adopts to the new behavior of module_utils/basic.py (since somewhere around 1.7).

besides it changes the qoutes for the echo command from double to single, because password-hashes contain $-signs and one would not have this variables expanded.
 2014-12-16 15:10:00 +01:00
Michael Scherer
39cd64ec17 Revert commit cbc417c, as the code is broken, see #438 
LooseVersion expect a string, so filtering to return a int
is incorrect. Thanks to Jeremy Brown for the analysis.
 2014-12-14 21:59:44 +01:00
Toshio Kuratomi
e1f90635af Don't traceback if a gid is specified instead of a group name 
Fixes https://github.com/ansible/ansible/issues/9796
 2014-12-12 12:08:03 -08:00
Patrik Lundin
2acfbf016d Handle string returned by 'default' correctly. 
We need to handle the string returned by 'default' in the same way we handle
the string returned by 'status' since the resulting flags are compared later.
 2014-12-11 23:01:23 +01:00
Brian Coca
ba139b145b fixed hostname for gentoo 2014-12-11 09:05:27 -05:00
Brian Coca
aba9e5e4f9 vastly simplified systemd detection, made enable/disable errors clearer 
both of which allows us to remove 'service name detection' as if systemd
is init we still use it to handle initscripts.
 2014-12-08 08:15:54 -05:00
Brian Coca
df6d58614e now actually adds usable name for systemd when service only has init 
script
 2014-12-05 12:45:01 -05:00
Toshio Kuratomi
5af4463823 Gixes to doc formatting 2014-12-03 08:17:15 -08:00
Toshio Kuratomi
799a75580a Update cron example for setting to run twice a day 
Fixes #415
 2014-12-02 14:38:32 -08:00
Brian Coca
943f8fe7c9 Merge pull request #346 from bcoca/service_cleanup 
service cleanup
 2014-12-02 11:03:03 -05:00
Jonathan Mainguy
a75bef5bc6 Fixes bind mounts 
Fixed tab's and spaces, or so I think I did

Fixed tabs and spaces for real this time
 2014-12-01 21:31:44 -05:00
Achilleas Pipinellis
a375ce33d3 Clarify supported init systems. 2014-12-01 16:15:24 +02:00
Pascal Borreli
32a00ec3a3 Fixed typo 2014-11-28 16:36:21 +01:00
Fabrice Bernhard
1ef8c26c0e Typo in comments 
Credit goes to @kbsali 
@pborreli : you did not see that one? :-)
 2014-11-27 12:36:34 +01:00
Brian Coca
29d211e7ab service cleanup 2014-11-17 22:32:16 -05:00
Brian Coca
f49120598f service now detects systemd is actually running, not just installed 2014-11-17 15:03:49 -05:00
Jonathan Mainguy
8b8008569f fixes user module for rhel5 by using -n instead of -N, all other distros will still use -N 2014-11-17 13:26:08 -05:00
Robert Estelle
4dd099fe7a Remove incorrect executable permissions. 2014-11-13 18:08:48 -05:00
Brian Coca
04680ce228 Merge pull request #286 from bcoca/hostname_24_compatible 
made hostname work with python 2.4
 2014-11-13 12:39:01 -05:00
Patrik Lundin
eea4d06848 Fix typo: Replace "N0" with "NO". 2014-11-13 12:39:29 +01:00
Brian Coca
83669d7eda switched to iterator as per comments 2014-11-11 09:39:03 -05:00
Martijn P. Rijkeboer
5257222f33 Fix whitespace around '=' in sysctl.conf. 2014-11-10 20:00:28 +01:00
Brian Coca
e4b6968901 made hostname work with python 2.4 2014-11-08 12:08:47 -05:00
David Fritzsche
c96a85fb70 Add working status detection for pf on FreeBSD 
The return code of "service pf onestatus" is usually zero on FreeBSD (tested with FreeBSD 10.0), even if pf is not running. So the service module always thinks that pf is running, even when it needs to be started.
 2014-10-31 11:41:51 +01:00
Toshio Kuratomi
7f611468a8 Fix for systemd service scripts with newlines 
Fixes #127
 2014-10-22 16:43:35 -04:00
Patrik Lundin
f9d9c1b6d7 Multiple fixes for OpenBSD rcctl handling. 
* Use the newly added 'default' argument to know if the default flags are set
  or not.
* Handle that 'status' may either return flags or YES/NO.
* Centralize flag handling logic.
* Set action variable after check if we need to keep going.

Big thanks to @ajacoutot for implementing the rcctl 'default' argument.
 2014-10-12 18:41:23 +02:00
Patrik Lundin
e463400412 Simplify self.arguments logic. 
Strange logic pointed out by @jarmani, thanks!
 2014-10-06 21:20:20 +02:00
Patrik Lundin
924cf20cf8 Depend more on rcctl if it is present. 
* Make the module support enable/disable of special services like pf via rcctl.
  Idea and method from @jarmani.
* Make the module handle when the user supplied 'arguments' variable does not
  match the current flags in rc.conf.local.
* Update description now that the code tries to use rcctl for everything if it
  is available.
 2014-10-06 21:20:20 +02:00
Patrik Lundin
5f37624eb4 Tweak error checking for "enabled" code. 
Based on input from @jarmani:
* A return value of 2 now means a service does not exist. Instead of
  trying to handle the different meanings of rc after running "status",
  just look at stderr to know if something failed.
* Skip looking at stdout to make the code cleaner. Any errors should
  turn up on stderr.
 2014-10-06 21:20:20 +02:00
Patrik Lundin
c6dd88c1d1 Fail if "rcctl status" writes to stderr. 2014-10-06 21:20:20 +02:00
Patrik Lundin
1a8cdb5e3e Check rc and print error message if any. 
It is probably good to use stdout before printing a generic error
message as well.
 2014-10-06 21:20:20 +02:00
Patrik Lundin
c46e030100 Make "enabled" code aware of --check mode. 2014-10-06 21:20:20 +02:00
Jonathan Armani
1b97390765 Add enable / disable of services for OpenBSD if rcctl is present 2014-10-06 21:20:20 +02:00
billwanjohi
ff36edbb11 user: add expired state 
ported from
https://github.com/ansible/ansible/pull/6303

It's very useful and routine to disable a *nix user.
I implemented expired instead of locked because this prevents any use of
the account, safer than just preventing password-based authentication.

I have tests [1], but since none of the suite came along with the core
modules, I'm unsure how to submit them.

[1] https://github.com/billwanjohi/ansible/blob/add_locked_state/test/integration/roles/test_user/tasks/main.yml
 2014-09-29 22:42:28 +00:00
kustodian
82af074382 Set selinux state to 'permissive' for state=disabled 2014-09-30 00:33:55 +02:00
Michael Scherer
37d9903169 Add hostname to generated user SSH key comment 
The default is not very useful to sort between different
keys and user. Adding the hostname in the comment permit to later
sort them if you start to reuse the key and set them in different
servers. See https://github.com/ansible/ansible/pull/7420
for the rational.
 2014-09-29 18:07:41 -04:00
Michael DeHaan
385a037cd6 package files 2014-09-26 11:05:47 -04:00
Michael DeHaan
c8e1a2077e file extensions! 2014-09-26 10:37:56 -04:00
Michael DeHaan
417309a626 Restructuring. 2014-09-26 10:13:26 -04:00
Michael DeHaan
73123b69fa Move modules into subdirectory. 2014-09-26 09:23:50 -04:00
Toshio Kuratomi
8b81062be0 The fix for gh-7284 causes problems for initscripts which have the 
standards compliant return codes but return a verbose error message via
stdout.  Limit the times when we invoke the heuristic to attempt to work
around this.
 2014-09-22 14:53:07 -04:00
Michael Scherer
c9a0a7ae4b Fix #9704, correctly set changed as false when nothing is done 2014-09-21 14:55:31 +02:00
Toshio Kuratomi
7b100dd389 Be more specific in checking if a job restarted successfully. 
Fixes: #9056
 2014-09-19 12:03:27 -07:00
Toshio Kuratomi
36083c3b90 Failure to enable a service now fails the task 
Fixes: 8855
 2014-09-18 12:39:54 -07:00
Toshio Kuratomi
a50258d26a remove debugging that was causing failure 2014-09-17 10:25:54 -07:00