mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-24 21:14:00 -07:00 
			
		
		
		
	[PR #8057/c13bede0 backport][stable-7] pam_limits: do not create file in check mode when it does not exist (#8070)
pam_limits: do not create file in check mode when it does not exist (#8057)
Do not create file in check mode when it does not exist.
(cherry picked from commit c13bede0c5)
Co-authored-by: Felix Fontein <felix@fontein.de>
	
	
This commit is contained in:
		
					parent
					
						
							
								0c676df7cf
							
						
					
				
			
			
				commit
				
					
						ddf566a729
					
				
			
		
					 2 changed files with 17 additions and 10 deletions
				
			
		
							
								
								
									
										2
									
								
								changelogs/fragments/8057-pam_limits-check-mode.yml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										2
									
								
								changelogs/fragments/8057-pam_limits-check-mode.yml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,2 @@ | ||||||
|  | bugfixes: | ||||||
|  |   - "pam_limits - when the file does not exist, do not create it in check mode (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057)." | ||||||
|  | @ -175,7 +175,6 @@ def main(): | ||||||
|     limits_conf = '/etc/security/limits.conf' |     limits_conf = '/etc/security/limits.conf' | ||||||
| 
 | 
 | ||||||
|     module = AnsibleModule( |     module = AnsibleModule( | ||||||
|         # not checking because of daisy chain to file module |  | ||||||
|         argument_spec=dict( |         argument_spec=dict( | ||||||
|             domain=dict(required=True, type='str'), |             domain=dict(required=True, type='str'), | ||||||
|             limit_type=dict(required=True, type='str', choices=pam_types), |             limit_type=dict(required=True, type='str', choices=pam_types), | ||||||
|  | @ -201,6 +200,7 @@ def main(): | ||||||
|     new_comment = module.params['comment'] |     new_comment = module.params['comment'] | ||||||
| 
 | 
 | ||||||
|     changed = False |     changed = False | ||||||
|  |     does_not_exist = False | ||||||
| 
 | 
 | ||||||
|     if os.path.isfile(limits_conf): |     if os.path.isfile(limits_conf): | ||||||
|         if not os.access(limits_conf, os.W_OK): |         if not os.access(limits_conf, os.W_OK): | ||||||
|  | @ -208,7 +208,7 @@ def main(): | ||||||
|     else: |     else: | ||||||
|         limits_conf_dir = os.path.dirname(limits_conf) |         limits_conf_dir = os.path.dirname(limits_conf) | ||||||
|         if os.path.isdir(limits_conf_dir) and os.access(limits_conf_dir, os.W_OK): |         if os.path.isdir(limits_conf_dir) and os.access(limits_conf_dir, os.W_OK): | ||||||
|             open(limits_conf, 'a').close() |             does_not_exist = True | ||||||
|             changed = True |             changed = True | ||||||
|         else: |         else: | ||||||
|             module.fail_json(msg="directory %s is not writable (check presence, access rights, use sudo)" % limits_conf_dir) |             module.fail_json(msg="directory %s is not writable (check presence, access rights, use sudo)" % limits_conf_dir) | ||||||
|  | @ -224,15 +224,20 @@ def main(): | ||||||
| 
 | 
 | ||||||
|     space_pattern = re.compile(r'\s+') |     space_pattern = re.compile(r'\s+') | ||||||
| 
 | 
 | ||||||
|  |     if does_not_exist: | ||||||
|  |         lines = [] | ||||||
|  |     else: | ||||||
|  |         with open(limits_conf, 'rb') as f: | ||||||
|  |             lines = list(f) | ||||||
|  | 
 | ||||||
|     message = '' |     message = '' | ||||||
|     f = open(limits_conf, 'rb') |  | ||||||
|     # Tempfile |     # Tempfile | ||||||
|     nf = tempfile.NamedTemporaryFile(mode='w+') |     nf = tempfile.NamedTemporaryFile(mode='w+') | ||||||
| 
 | 
 | ||||||
|     found = False |     found = False | ||||||
|     new_value = value |     new_value = value | ||||||
| 
 | 
 | ||||||
|     for line in f: |     for line in lines: | ||||||
|         line = to_native(line, errors='surrogate_or_strict') |         line = to_native(line, errors='surrogate_or_strict') | ||||||
|         if line.startswith('#'): |         if line.startswith('#'): | ||||||
|             nf.write(line) |             nf.write(line) | ||||||
|  | @ -323,17 +328,17 @@ def main(): | ||||||
|         message = new_limit |         message = new_limit | ||||||
|         nf.write(new_limit) |         nf.write(new_limit) | ||||||
| 
 | 
 | ||||||
|     f.close() |  | ||||||
|     nf.flush() |     nf.flush() | ||||||
| 
 | 
 | ||||||
|     with open(limits_conf, 'r') as content: |  | ||||||
|         content_current = content.read() |  | ||||||
| 
 |  | ||||||
|     with open(nf.name, 'r') as content: |     with open(nf.name, 'r') as content: | ||||||
|         content_new = content.read() |         content_new = content.read() | ||||||
| 
 | 
 | ||||||
|     if not module.check_mode: |     if not module.check_mode: | ||||||
|         # Copy tempfile to newfile |         if does_not_exist: | ||||||
|  |             with open(limits_conf, 'a'): | ||||||
|  |                 pass | ||||||
|  | 
 | ||||||
|  |         # Move tempfile to newfile | ||||||
|         module.atomic_move(nf.name, limits_conf) |         module.atomic_move(nf.name, limits_conf) | ||||||
| 
 | 
 | ||||||
|     try: |     try: | ||||||
|  | @ -344,7 +349,7 @@ def main(): | ||||||
|     res_args = dict( |     res_args = dict( | ||||||
|         changed=changed, |         changed=changed, | ||||||
|         msg=message, |         msg=message, | ||||||
|         diff=dict(before=content_current, after=content_new), |         diff=dict(before=b''.join(lines), after=content_new), | ||||||
|     ) |     ) | ||||||
| 
 | 
 | ||||||
|     if backup: |     if backup: | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue