Re: [ansible-devel] Remote Env Setup Queries
The environment: directive exists so each module does not need to implement what you are asking. -- Brian Coca -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-devel] Re: IMPORTANT - New RCs for Security Bug CVE-2016-9587
Most older versions should be vulnerable, we recommend upgrading to 2.1 or 2.2 once we release the fix. -- Brian Coca -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-devel] private module_utils
For hacking on new modules that will import libraries that are also being hacked on, there doesn't appear to be a way currently to import. Digging around recently, I saw mentions that with the ziploader addition (which became ansiballs... great name!) that a private module_utils would be worked on. Is this still planned? -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-devel] Re: IMPORTANT - New RCs for Security Bug CVE-2016-9587
Does this apply to ansible 1.9? On Monday, January 9, 2017 at 10:57:09 AM UTC-6, James Cammarata wrote: > > Hi all, > > Today we are releasing two new release candidates to address CVE-2016-9587, > which we are removing from embargo today: > > 2.1.4 RC1 > 2.2.1 RC3 > > CVE-2016-9587 is rated as HIGH in risk, as a compromised remote system > being managed > via Ansible can lead to commands being run on the Ansible controller (as > the user > running the ansible or ansible-playbook command). > > If you have the ability, please test the above release candidates so that > we can get > the final releases out as quickly as possible. > > Finally, thanks to the security team at Computest, who did an amazing job > of finding > the flaws and creating an excellent set of tests to reproduce them for us. > > Thanks, and let us know if you run into any problems with the above > release candidates! > > James Cammarata > > Ansible Lead/Sr. Principal Software Engineer > Ansible by Red Hat > twitter: @thejimic, github: jimi-c > -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-devel] Remote Env Setup Queries
I'm working on a custom module but having issues with the environment setup on the remote server. How should the remote environment variables be correctly setup. I've been looking here http://docs.ansible.com/ansible/dev_guide/developing_modules.html but not found anything yet or I might have simply missed it. At the moment I'm doing a shell task, along the lines of ". PATH/env.sh && myscript.py", also doing sudo: yes, sudo_user: "{{ remote_user }}" Ideally I'ld like to know how I can specify PATH as a field for my module, then before the module executes on the target server the env.sh is executes before the actual task. Or if people know another module which does similar I don't mine reviewing that and working it out for myself. I just can't figure out how to source the shell script beforehand. Cheers, John -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-devel] Re: IMPORTANT - New RCs for Security Bug CVE-2016-9587
Are you will add in debian repository the fixes ? Thank for your support Le lundi 9 janvier 2017 17:57:09 UTC+1, James Cammarata a écrit : > > Hi all, > > Today we are releasing two new release candidates to address CVE-2016-9587, > which we are removing from embargo today: > > 2.1.4 RC1 > 2.2.1 RC3 > > CVE-2016-9587 is rated as HIGH in risk, as a compromised remote system > being managed > via Ansible can lead to commands being run on the Ansible controller (as > the user > running the ansible or ansible-playbook command). > > If you have the ability, please test the above release candidates so that > we can get > the final releases out as quickly as possible. > > Finally, thanks to the security team at Computest, who did an amazing job > of finding > the flaws and creating an excellent set of tests to reproduce them for us. > > Thanks, and let us know if you run into any problems with the above > release candidates! > > James Cammarata > > Ansible Lead/Sr. Principal Software Engineer > Ansible by Red Hat > twitter: @thejimic, github: jimi-c > -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.