* mysql_user: Match quotes, double quotes and backticks when checking current privileges
(cherry picked from commit 1ae0e2138332dad30f5bdd9a46d46b1abf9be868)
* Add changelog fragment for PR #40092
(cherry picked from commit 8974ce3c78557a4ea36b7c33b5dc9361bdea92a1)
* mysql_user: fix malformed regex used to check current privileges
* Raise AnsibleConnectionError on winrm con errors
Currently all uncaught exceptions of the requests library that is used
in winrm will lead to an "Unexpected failure during module execution".
Instead of letting all exceptions bubble up we catch the connection
related errors (inkl. timeouts) and re-raise them as
AnsibleConnectionError so Ansible will mark the host as unreachable and
exit with the correct return code.
This is especially important for Zuul (https://zuul-ci.org) to
distinguish between failures and connection/host related errors.
* Update lib/ansible/plugins/connection/winrm.py
Co-Authored-By: westphahl <westphahl@gmail.com>
* Add changelog fragment
* Disallow use of remote home directories containing .. in their path
* Add CVE to changelog
(cherry picked from commit b34d141)
Co-authored-by: Matt Martz <matt@sivel.net>
* Test out Server 2019 - ci_complete
* run tests and continue on error - ci_complete
* Add the full matrix back in
(cherry picked from commit 0334c20630)
This is an implementation of 8bffcf8e50
that was done in the PR https://github.com/ansible/ansible/pull/48082 to devel.
The changes have been manually brought across to the the stable-2.7 branch as it
cannot be cleanly cherry picked due to the substantial differences in become
between these versions.
Currently we impersonate the `SYSTEM` token in order to elevate our become
process with the highest privileges it has available but there are some edge
cases where the first `SYSTEM` token we come across doesn't have the
`SeTcbPrivilege` which is required for the above. This PR adds a further check
in the search for a `SYSTEM` token to make sure it has the `SeTcbPrivilege`
before continuing.
(cherry picked from commit cc5088c9e1)
* recent changes to args for hosted template file broke the test; changed test to use a specific known-working commit instead of `master`.
* long-term may want to consider hosting the template in httptester or just embedding a local copy
(cherry picked from commit 46bf387)
Co-authored-by: Matt Davis <mrd@redhat.com>
* ansible-test: Add Ubuntu 18.04 to Shippable CI nodes
* re-add ubuntu1604/3 to matrix
* forgot to add environment for git kill gpg-agent
(cherry picked from commit 828df4b336)
* Catch SSH authentication errors and don't retry multiple times to prevent account lock out
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Subclass AnsibleAuthenticationFailure from AnsibleConnectionFailure
Use comparison rather than range() because it's much more efficient.
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Add tests
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Make paramiko_ssh connection plugin behave the same way
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Add changelog
Signed-off-by: Sam Doran <sdoran@redhat.com>
(cherry picked from commit 9d4c0dc111)
* check for result['status'] in systemd module
* instead of checking for result['state'], actually check for chroot and warn
* allow systemctl status to work if in a chroot, update warn text
* simply change warning message
(cherry picked from commit 37960ccc87)
* Fix subversion integration test on Fedora 29.
This upgrades the sqlite-libs and subversion packages to make sure
that the version of sqlite expected by subversion is installed.
* Fix compatibility with RHEL and CentOS.
(cherry picked from commit d4dbc7f2e0)
Co-authored-by: Matt Clay <matt@mystile.com>
* Fix mandatory statement error for junos modules
Fixes#40267
* Add error regex in junos terminal plugin to error out
in case of commit fails
* If commit fails add logic to discard changes before existing
else next task will result in error
* Add integration test
* Minor update
(cherry picked from commit cc8e90395a)
* added missing docs for option in acl module (#50775)
* added missing docs for option in acl module
* remove acl from ignore
(cherry picked from commit 91d8383898)
* Change test suite to fit expected behaviour
This reverts some changes from ansible/ansible@723daf3
If a line is found in the file, exactly or via regexp matching, it must
not be added again.
insertafter/insertbefore options are used only when a line is to be
inserted, to specify where it must be added.
(cherry picked from commit 31c11de2af000972ba13f584e82001a2bc9c062a)
(cherry picked from commit eb92ce3d6f036be24fee1bad479daa4e6bc33221)
* Implement the change in behaviour mentioned in the previous commit
(cherry picked from commit a4141cfa2e49973310bba8c0962ef82d66c35f29)
(cherry picked from commit 6afe25d93e9bfe8059e7aa013b412984e272529d)
* Fix comment to reflect what the code does
(cherry picked from commit 150f5cb232f10e38509823cb5864a9fd800b6df5)
(cherry picked from commit 1a13bf06a3b6920c2c99094980bc85ae53e661cd)
* Set the correct return message.
In these cases, the lines are added, not replaced.
(cherry picked from commit 3216c31401d15906e2435422e71dfb96e30678c4)
(cherry picked from commit 5bd04bd5d57dd283de46ae3049dde6e97cdcf0e0)
* Add a changelog
(cherry picked from commit c39cf6b33269eac35c3c769de41e7c3dea642b68)
(cherry picked from commit fc071636b47c6982eb9b5a508545f78ad8e70e96)