Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
A
ansible
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
OpenEdx
ansible
Commits
23f2a7fc
Commit
23f2a7fc
authored
Dec 13, 2012
by
Stephen Fromm
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #1771 from sfromm/issue1762
Ensure files created by authorized_key have correct selinux context
parents
bf73ac76
ccca5fcd
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
14 additions
and
0 deletions
+14
-0
lib/ansible/module_common.py
+10
-0
library/authorized_key
+4
-0
No files found.
lib/ansible/module_common.py
View file @
23f2a7fc
...
@@ -275,6 +275,12 @@ class AnsibleModule(object):
...
@@ -275,6 +275,12 @@ class AnsibleModule(object):
group = str(gid)
group = str(gid)
return (user, group)
return (user, group)
def set_default_selinux_context(self, path, changed):
if not HAVE_SELINUX or not self.selinux_enabled():
return changed
context = self.selinux_default_context(path)
return self.set_context_if_different(path, context, False)
def set_context_if_different(self, path, context, changed):
def set_context_if_different(self, path, context, changed):
if not HAVE_SELINUX or not self.selinux_enabled():
if not HAVE_SELINUX or not self.selinux_enabled():
...
@@ -658,6 +664,10 @@ class AnsibleModule(object):
...
@@ -658,6 +664,10 @@ class AnsibleModule(object):
if self.selinux_enabled():
if self.selinux_enabled():
context = self.selinux_context(dest)
context = self.selinux_context(dest)
self.set_context_if_different(src, context, False)
self.set_context_if_different(src, context, False)
else:
if self.selinux_enabled():
context = self.selinux_default_context(dest)
self.set_context_if_different(src, context, False)
os.rename(src, dest)
os.rename(src, dest)
# == END DYNAMICALLY INSERTED CODE ===
# == END DYNAMICALLY INSERTED CODE ===
...
...
library/authorized_key
View file @
23f2a7fc
...
@@ -97,6 +97,8 @@ def keyfile(module, user, write=False):
...
@@ -97,6 +97,8 @@ def keyfile(module, user, write=False):
if
not
os
.
path
.
exists
(
sshdir
):
if
not
os
.
path
.
exists
(
sshdir
):
os
.
mkdir
(
sshdir
,
0700
)
os
.
mkdir
(
sshdir
,
0700
)
if
module
.
selinux_enabled
():
module
.
set_default_selinux_context
(
sshdir
,
False
)
os
.
chown
(
sshdir
,
uid
,
gid
)
os
.
chown
(
sshdir
,
uid
,
gid
)
os
.
chmod
(
sshdir
,
0700
)
os
.
chmod
(
sshdir
,
0700
)
...
@@ -105,6 +107,8 @@ def keyfile(module, user, write=False):
...
@@ -105,6 +107,8 @@ def keyfile(module, user, write=False):
f
=
open
(
keysfile
,
"w"
)
#touches file so we can set ownership and perms
f
=
open
(
keysfile
,
"w"
)
#touches file so we can set ownership and perms
finally
:
finally
:
f
.
close
()
f
.
close
()
if
module
.
selinux_enabled
():
module
.
set_default_selinux_context
(
keysfile
,
False
)
os
.
chown
(
keysfile
,
uid
,
gid
)
os
.
chown
(
keysfile
,
uid
,
gid
)
os
.
chmod
(
keysfile
,
0600
)
os
.
chmod
(
keysfile
,
0600
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
