Add partially backwards compatible version of _fixup_perms. (#17427)

Also added a deprecation notice for _fixup_perms. Resolves issue #17352 (assumes custom actions use recursive=False).
2025-07-22 04:40:22 -07:00 · 2016-09-06 16:49:59 -07:00 · 2016-09-06 16:49:59 -07:00 · 94a0d2afb4
commit 94a0d2afb4
parent 1d412059a0
10 changed files with 46 additions and 10 deletions
--- a/lib/ansible/plugins/action/init.py
+++ b/lib/ansible/plugins/action/init.py
@ -293,7 +293,29 @@ class ActionBase(with_metaclass(ABCMeta, object)):

        return remote_path

-    def _fixup_perms(self, remote_paths, remote_user, execute=True):
+    def _fixup_perms(self, remote_path, remote_user, execute=True, recursive=True):
+        """
+        We need the files we upload to be readable (and sometimes executable)
+        by the user being sudo'd to but we want to limit other people's access
+        (because the files could contain passwords or other private
+        information.
+
+        Deprecated in favor of _fixup_perms2. Ansible code has been updated to
+        use _fixup_perms2. This code is maintained to provide partial support
+        for custom actions (non-recursive mode only).
+
+        """
+
+        display.deprecated('_fixup_perms is deprecated. Use _fixup_perms2 instead.', version='2.4', removed=False)
+
+        if recursive:
+            raise AnsibleError('_fixup_perms with recursive=True (the default) is no longer supported. ' +
+                               'Use _fixup_perms2 if support for previous releases is not required. '
+                               'Otherwise use fixup_perms with recursive=False.')
+
+        return self._fixup_perms2([remote_path], remote_user, execute)
+
+    def _fixup_perms2(self, remote_paths, remote_user, execute=True):
        """
        We need the files we upload to be readable (and sometimes executable)
        by the user being sudo'd to but we want to limit other people's access
@ -618,7 +640,7 @@ class ActionBase(with_metaclass(ABCMeta, object)):
        # Fix permissions of the tmp path and tmp files.  This should be
        # called after all files have been transferred.
        if remote_files:
-            self._fixup_perms(remote_files, remote_user)
+            self._fixup_perms2(remote_files, remote_user)

        cmd = ""
        in_data = None