Allow copy to writable files in unwritable dirs (#23509)

unsafe_writes currently allows updating a file that can be updated but
not removed (for instance, when docker mounted).  This change also
allows unsafe_writes to write to writable files in unwritable dirs. For
instance, if a system has made a single file inside of /etc/ writable to
a specific normal user.

Fixes #14961
This commit is contained in:
Toshio Kuratomi 2017-07-20 12:41:57 -07:00 committed by GitHub
commit 3a2afc7825
2 changed files with 46 additions and 36 deletions

View file

@ -360,7 +360,8 @@ def main():
if "permission denied" in to_native(e).lower():
module.fail_json(msg="Destination directory %s is not accessible" % (os.path.dirname(dest)))
module.fail_json(msg="Destination directory %s does not exist" % (os.path.dirname(dest)))
if not os.access(os.path.dirname(b_dest), os.W_OK):
if not os.access(os.path.dirname(b_dest), os.W_OK) and not module.params['unsafe_writes']:
module.fail_json(msg="Destination %s not writable" % (os.path.dirname(dest)))
backup_file = None