wbrawner/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add new expand_shell argument for run_command, to disable expanding shellisms (#45620)

Browse source 
* Add new expand_shell argument for run_command, to disable expanding shellisms. Fixes #45418

* s/expand_shell/expand_user_and_vars/g
This commit is contained in:
Matt Martz 2018-09-14 15:07:11 -05:00 committed by Brian Coca
parent e46ce1619f
commit 07b2698c03
2 changed files with 17 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
changelogs/fragments/run-command-expand-shell.yaml Normal file
View file

@ -0,0 +1,5 @@
minor_changes:
- run_command - Add a new keyword argument expand_user_and_vars, which defaults to True,
allowing the module author to decide whether or paths and variables
are expanded before running the command when use_unsafe_shell=False
(https://github.com/ansible/ansible/issues/45418)

13
lib/ansible/module_utils/basic.py
View file

@ -2680,7 +2680,8 @@ class AnsibleModule(object):
return self._clean return self._clean
def run_command(self, args, check_rc=False, close_fds=True, executable=None, data=None, binary_data=False, path_prefix=None, cwd=None, def run_command(self, args, check_rc=False, close_fds=True, executable=None, data=None, binary_data=False, path_prefix=None, cwd=None,
use_unsafe_shell=False, prompt_regex=None, environ_update=None, umask=None, encoding='utf-8', errors='surrogate_or_strict'): use_unsafe_shell=False, prompt_regex=None, environ_update=None, umask=None, encoding='utf-8', errors='surrogate_or_strict',
expand_user_and_vars=True):
''' '''
Execute a command, returns rc, stdout, and stderr. Execute a command, returns rc, stdout, and stderr.
@ -2718,6 +2719,11 @@ class AnsibleModule(object):
python3 versions we support) otherwise a UnicodeError traceback python3 versions we support) otherwise a UnicodeError traceback
will be raised. This does not affect transformations of strings will be raised. This does not affect transformations of strings
given as args. given as args.
:kw expand_user_and_vars: When ``use_unsafe_shell=False`` this argument
dictates whether ``~`` is expanded in paths and environment variables
are expanded before running the command. When ``True`` a string such as
``$SHELL`` will be expanded regardless of escaping. When ``False`` and
``use_unsafe_shell=False`` no path or variable expansion will be done.
:returns: A 3-tuple of return code (integer), stdout (native string), :returns: A 3-tuple of return code (integer), stdout (native string),
and stderr (native string). On python2, stdout and stderr are both and stderr (native string). On python2, stdout and stderr are both
byte strings. On python3, stdout and stderr are text strings converted byte strings. On python3, stdout and stderr are text strings converted
@ -2756,8 +2762,11 @@ class AnsibleModule(object):
args = to_text(args, errors='surrogateescape') args = to_text(args, errors='surrogateescape')
args = shlex.split(args) args = shlex.split(args)
# expand shellisms # expand ``~`` in paths, and all environment vars
if expand_user_and_vars:
args = [os.path.expanduser(os.path.expandvars(x)) for x in args if x is not None] args = [os.path.expanduser(os.path.expandvars(x)) for x in args if x is not None]
else:
args = [x for x in args if x is not None]
prompt_re = None prompt_re = None
if prompt_regex: if prompt_regex: