Commit graph

12927 commits

Author SHA1 Message Date
Michael Scherer
817335ae0d Client_secret is supposed to be kept secret, so mark it as no_log (#1995) 2016-12-08 11:34:03 -05:00
nitzmahone
bd3172b2e8 win_updates fix to use documented InstanceGuid property name 2016-12-08 11:34:03 -05:00
nitzmahone
e20eac089f win_updates shouldn't install hidden updates 2016-12-08 11:34:03 -05:00
Michael Scherer
e7e1a8bfea Avoid token leak by marking it as sensitive with no_log (#1966) 2016-12-08 11:34:03 -05:00
Michael Scherer
ed69d8335e Properly label path argument with type='path' (#1940) 2016-12-08 11:34:03 -05:00
Michael Scherer
b8706a1f95 Do not leak mail password by error 2016-12-08 11:34:03 -05:00
Michael Scherer
0dd3296ddd Mark password as 'no_log', to avoid leaking it 2016-12-08 11:34:03 -05:00
Rob
b93fda8573 Updated Amazon module guidelines regarding boto3
* Updated Amazon module guidelines regarding boto3

* Spelling correction
2016-12-08 11:34:03 -05:00
Andy Baker
c0d281e290 type should be 'list' not the default of 'string' 2016-12-08 11:34:03 -05:00
Evgeni Golov
1847f19e41 don't create world-readable archives of LXC containers
with the default umask tar will create a world-readable archive of the

container, which may contain sensitive data

Signed-off-by: Evgeni Golov <evgeni@golov.de>
2016-12-08 11:34:03 -05:00
Michael Scherer
3b79c1621b Prevent password leaks in notification/irc 2016-12-08 11:34:03 -05:00
Michael Scherer
67b2623e92 Use no_log=True for campfire module to avoid leaks 2016-12-08 11:34:03 -05:00
Michael Scherer
f2bf444395 Set no log for jabber.py password 2016-12-08 11:34:03 -05:00
Evgeni Golov
16b2d85d34 do not use a predictable filenames in the LXC plugin
* do not use a predictable filename for the LXC attach script

* don't use predictable filenames for LXC attach script logging

* don't set a predictable archive_path

this should prevent symlink attacks which could result in

* data corruption

* data leakage

* privilege escalation
2016-12-08 11:34:03 -05:00
Michael Scherer
f47a756c46 Add proper type to cpanm arguments
from_path, locallib, executable should be path to benefits
from path expansion for ~user.
2016-12-08 11:34:03 -05:00
Chulki Lee
432a9a31ca osx_defaults: fix datetime
Fix #1742
2016-12-08 11:34:02 -05:00
Matt Martz
c8bd27f1e8 Rebase PRs against $TRAVIS_BRANCH before performing tests 2016-12-08 11:34:02 -05:00
mo@oclab.net
20fd04b9e7 firewalld: fixes documentation
- removes warning, aligning to existing documentation
- adds version
2016-12-08 11:34:02 -05:00
mo@oclab.net
8b2d484032 firewalld: add/remove interfaces to/from zones 2016-12-08 11:34:02 -05:00
David Hocky
aabd6390d4 fix dscp marking documentation in iptables module 2016-12-08 11:34:02 -05:00
Evgeni Golov
88d8820f1b explicitly set "default: null" in the docs 2016-12-08 11:34:02 -05:00
Evgeni Golov
e1846d2e4b do not set a default config for lxc containers
otherwise deploying user-containers fail as these require information
from ~/.config/lxc/default.conf that the LXC tools will load if no
--config was supplied

Signed-off-by: Evgeni Golov <evgeni@golov.de>
2016-12-08 11:34:02 -05:00
Chris Porter
2b8b04638d fix security vulnerability in lxc module
octal/decimal confusion makes file world-writable before executing it
2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
e3d8facc7f fixxed tests 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
c82d72e12a fixed problems related to userpricincipalname (user@domain) and undefined variables fixed variable capitalization 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
186197397c fixxed problem with match @ 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
9ba30d2cea only call set-acl if necessary 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
700ca56c61 as suggested by @marcind, convert to boolean 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
404483ea83 fixed documentation 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
de4a271dd0 added userprincipal support 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
65d5658553 added separate module to change owner, since win_acl is ACL only and should not be more complex 2016-12-08 11:34:02 -05:00
Marcos Diez
1aec0a3ffb mongodb_user.py: changes on comments 2016-12-08 11:34:01 -05:00
Marcos Diez
37ba9a3fe1 mongodb_user: fix checking if the roles of an oplog reader user changed 2016-12-08 11:34:01 -05:00
Guillaume Dufour
dc83f2c6d7 use python fallback to avoid error on old mongo version without roles 2016-12-08 11:34:01 -05:00
Guillaume Dufour
467d9a8090 avoid problem with old mongo version without roles 2016-12-08 11:34:01 -05:00
Guillaume Dufour
b07e1c13f7 fix #1731 : mongodb_user always says changed 2016-12-08 11:34:01 -05:00
John Barker
d20b7ee6e6 restore version_added in dynamodb_table.py 2016-12-08 11:34:01 -05:00
Matt Hite
846a538648 Allow port 0 as a valid pool member port 2016-12-08 11:34:01 -05:00
Jason Witkowski
48931065e5 The current module supporting F5 BIGIP pool creation does not support a setup where the port number must be zero to signify the pool will listen on multiple ports. This change implements that functionality and fixes an illogical conditional. 2016-12-08 11:34:01 -05:00
Michael Scherer
a21ab5b990 Use type='path' for reposdir, since that's a path 2016-12-08 11:34:01 -05:00
Rene Moser
051b11b983 openstack: doc: add return doc, fixes build 2016-12-08 11:34:01 -05:00
Paul Seiffert
48223fd268 Allow Datadog metric alerts to define multiple thresholds 2016-12-08 11:34:01 -05:00
David Shrewsbury
33d3616bab Add OpenStack os_user_role module 2016-12-08 11:34:01 -05:00
Michael Scherer
dc94ce72c7 Use boolean instead of "yes" + choice for most option
This enable a more standard behavior with others modules
2016-12-08 11:34:01 -05:00
Michael Scherer
2a0c9bb3a2 Use type 'path' for rootdir, for pkgng 2016-12-08 11:34:01 -05:00
Michael Gruener
bdeb5af740 cloudflare_dns: Cosmetic cleanup 2016-12-08 11:34:01 -05:00
Michael Gruener
90503c9f2a cloudflare_dns: normalize return value and docs 2016-12-08 11:34:00 -05:00
Michael Gruener
95f270089b cloudflare_dns: Cleanup record update handling 2016-12-08 11:34:00 -05:00
Michael Gruener
78640328cb cloudflare_dns: Allow CNAME content updates 2016-12-08 11:34:00 -05:00
Michael Gruener
41ed47d66e cloudflare_dns: Fix solo SRV record creation 2016-12-08 11:34:00 -05:00