This was originally to match what puppet agent --test is, since the
rest of the options defaulted to on are grabbed from --test. However,
some security concerns have since been raised - namely that since this
is not the same invocation as --test but instead a remote orchestration
of puppet, the fact that passwords leak into the diff is a dangerous
default.
This reverts commit b86762c1806aa7f021a4780d06db2d3937910a62.
Early pam_limits module didn't support special values for items.
This patch is adding support to special values unlimited, infinity and -1.
Issue: https://github.com/ansible/ansible-modules-extras/issues/1033
Signed-off-by: Ondra Machacek <machacek.ondra@gmail.com>
package_latest was calling package_present but did not care
about the return code so errors in package_present were hidden
and everthing look ok on the console when zypper update did not fail,
but no packages where installed.
pkgin searches for packages such as 'emacs' can return multiple matches,
the first of which is not guaranteed to match. So, iterate through
found packages until we have an appropriate match. Should we *not* find
a match, then return False indicating match failure.
This is a very much needed flag. To turn on/off existing firewall rules. And like the recent fix of the 'Profile' key, the netsh cmd prints 'Enabled' in the textual output. (at least on win10 it does). So again a similar small code added for the necessary exception handling when the difference check happens.
Please merge / push upstream like the other fixes. Many thanks. This is the last fix I have put together for this patch set. So I will raise my PR now.
But if you want to fix more bugs, it seems there may be others. In terms of the control code. Sometimes it will delete a rule under 'force' condition (when found difference) - but instead it is supposed to just modify the existing rule. Some weird behaviour regarding that. The other problem is that ansible does not return the error text printed by 'netsh' cmd verbatim... but it should as that makes debugging these errors a *lot* easier.
Hi again. This commit removes a small portion of your script's own internal error checking. In specific: for the value of the profile: key. This is essential to avoid errors on other verisons of the windows operating system which are not win2008r2 (your version).
For example: on win10 (and most likely win8x too), the names of the profiles don't include the values 'current' and 'all'. But instead the values are 'Public' 'Private' 'Domain' and 'Any. But in addition, there are also certain combinatorial values, such as profile=Public,Private etc. Which is too many to error check yourself.
Yet removing the error checking here should not cause any ill effects however: since the netsh advfirewall ... cmds themselves to add / remove / modify actually to their own error checking of the profile=value. So when the cmd is run, it will error out itself with an appropriate / informative error msg. No harm done.
Therefore please remove the highlighed portions from your own script. It is essential for interoperability with win10 and win8x. Many thanks.
In win10 (and pribably win8x also):
The output of 'show rule' key includes the line "Profiles:<TAB>Public,Private".
Yet your script expects the key name printed out to be "Profile:<TAB>value".
This commit added the necessary exception handling to avoid flagging 'different=true' under the false circumstance. The key name to SET a firewall rule is still "profile=" and not "profiles=".
There is coming up another commit to fix the value handling for win10/win8. Which is another (different) error with the profile: key.
Without this fix, the 'netsh' command gets name=Firewall Rule Name instead of name="Firewall Rule Name". Thus causing all sorts of havoc. Basic shell quoting rules seems to apply to Windows Powershell too. This is very much needed as many of windows 10's default firewall rules contain spaces and brackets () characters.