ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-08-03 12:44:22 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Merge 1548e339eb into 84b5d38c51

Browse source
This commit is contained in:
Giorgos Drosos 2025-07-30 05:10:23 -04:00 committed by GitHub
commit b2192e70d5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 74 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

3
changelogs/fragments/10484-kernel_blacklist-handle-file-exceptions-gracefully.yml Normal file
View file

@ -0,0 +1,3 @@
bugfixes:
- kernel_blacklist - handle file exceptions gracefully
(https://github.com/ansible-collections/community.general/issues/10482, https://github.com/ansible-collections/community.general/pull/10484).

33
plugins/modules/kernel_blacklist.py
View file

@ -69,15 +69,23 @@ class Blacklist(StateModuleHelper):
def __init_module__(self): def __init_module__(self):
self.pattern = re.compile(r'^blacklist\s+{0}$'.format(re.escape(self.vars.name))) self.pattern = re.compile(r'^blacklist\s+{0}$'.format(re.escape(self.vars.name)))
self.vars.filename = self.vars.blacklist_file self.vars.filename = self.vars.blacklist_file
self.vars.set('file_exists', os.path.exists(self.vars.filename), output=False, change=True) try:
if not self.vars.file_exists: dirpath = os.path.dirname(self.vars.filename)
with open(self.vars.filename, 'a'): if not os.path.isdir(dirpath):
pass self.module.fail_json(msg="The directory {!r} does not exist.".format(dirpath))
self.vars.file_exists = True self.vars.set('file_exists', os.path.exists(self.vars.filename), output=False, change=True)
self.vars.set('lines', [], change=True, diff=True) if not self.vars.file_exists:
else: with open(self.vars.filename, 'a'):
with open(self.vars.filename) as fd: pass
self.vars.set('lines', [x.rstrip() for x in fd.readlines()], change=True, diff=True) self.vars.file_exists = True
self.vars.set('lines', [], change=True, diff=True)
else:
with open(self.vars.filename) as fd:
self.vars.set('lines', [x.rstrip() for x in fd.readlines()], change=True, diff=True)
except (OSError, IOError) as e:
self.module.fail_json(msg="Error accessing or creating blacklist file {!r}: {}".format(self.vars.filename, e))
self.vars.set('file_exists', True, output=False, change=True)
self.vars.set('is_blacklisted', self._is_module_blocked(), change=True) self.vars.set('is_blacklisted', self._is_module_blocked(), change=True)
def _is_module_blocked(self): def _is_module_blocked(self):
@ -104,8 +112,11 @@ class Blacklist(StateModuleHelper):
def __quit_module__(self): def __quit_module__(self):
if self.has_changed() and not self.module.check_mode: if self.has_changed() and not self.module.check_mode:
bkp = self.module.backup_local(self.vars.filename) bkp = self.module.backup_local(self.vars.filename)
with open(self.vars.filename, "w") as fd: try:
fd.writelines(["{0}\n".format(x) for x in self.vars.lines]) with open(self.vars.filename, "w") as fd:
fd.writelines(["{0}\n".format(x) for x in self.vars.lines])
except (OSError, IOError) as e:
self.module.fail_json(msg="Failed to write to blacklist file {!r}: {}".format(self.vars.filename, e))
self.module.add_cleanup_file(bkp) self.module.add_cleanup_file(bkp)

49
tests/integration/targets/kernel_blacklist/tasks/main.yml
View file

@ -153,3 +153,52 @@
- cls_rsvp - cls_rsvp
loop_control: loop_control:
loop_var: line_item loop_var: line_item
- name: Resolve UID of nobody
ansible.builtin.command: id -u nobody
register: nobody_uid
ignore_errors: true
- name: Create file owned by nobody
ansible.builtin.copy:
dest: /tmp/test-blacklist-perm.conf
content: ""
owner: "{{ nobody_uid.stdout | int }}"
mode: '0600'
become: true
when: nobody_uid.rc == 0
- name: Run kernel_blacklist with unreadable file
community.general.kernel_blacklist:
name: lp
state: present
blacklist_file: /tmp/test-blacklist-perm.conf
ignore_errors: true
register: result_perm
when: nobody_uid.rc == 0
- name: Assert module fails gracefully with permission error
ansible.builtin.assert:
that:
- result_perm.failed
- "result_perm.msg is match(\"Failed to write to blacklist file '/tmp/test-blacklist-perm.conf': \\\\[Errno 13\\\\] Permission denied: '.*'\")"
when: nobody_uid.rc == 0
- name: Ensure non-existing path
ansible.builtin.file:
path: /tmp/nonexistent-dir
state: absent
- name: Run kernel_blacklist with nonexistent path
community.general.kernel_blacklist:
name: lp
state: present
blacklist_file: /tmp/nonexistent-dir/blacklist.conf
ignore_errors: true
register: result_missing
- name: Assert module fails gracefully with missing directory error
ansible.builtin.assert:
that:
- result_missing.failed
- result_missing.msg == "The directory '/tmp/nonexistent-dir' does not exist."