ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-05-30 21:09:09 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

vault noe preserves permissions on edit and rekey and sets a restricitve default umask for all other cases

Browse source
This commit is contained in:
Brian Coca 2015-10-31 13:56:14 -04:00
parent 35bedd1190
commit 00bc74404a
2 changed files with 20 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
lib/ansible/cli/vault.py
View file

@ -86,6 +86,9 @@ class VaultCLI(CLI):
super(VaultCLI, self).run()
loader = DataLoader()
# set default restrictive umask
old_umask = os.umask(0o077)
if self.options.vault_password_file:
# read vault_pass from a file
self.vault_pass = CLI.read_vault_password_file(self.options.vault_password_file, loader)
@ -108,6 +111,9 @@ class VaultCLI(CLI):
self.execute()
# and restore umask
os.umask(old_umask)
def execute_encrypt(self):
if len(self.args) == 0 and sys.stdin.isatty():