* Add support for `mysqldump`'s `--ignore_table` switch.
* Fix documentation and default linter warning re: default parameter
* Add number to replacement field in cmd string
* Bump version_added to 2.7
* Set encrypted as default and fix empty password reporting changed
* Starting with Postgres 10 `UNENCRYPTED` passwords are removed and
because of that this module fails with the default `encrypted=no`.
Also encrypted passwords are suported since version 7.2
(https://www.postgresql.org/docs/7.2/static/sql-createuser.html) which
went EOL in 2007 and since 7.3 it is the default. Because of this it
makes a lot more sense to make `encrypted=yes` the default. This won't
break backward compatibility, the module would just update the user's
password in the DB in the hashed format and everything else will work
like before. It's also a security bad practice to store passwords in
plain text. fixes#25823
* There was also a bug with `encrypted=yes` and an empty password always
reported as changed.
* Improved documentation for `encrypted`/`password` parameters, and
removed some obsolete notes about passlib.
* Fix clearing user's password to work with all versions of Postgres
* Add tests for clearing the user password
* Fix documentation atfer rebase
* Add changelog fragment
influxdb_user module has user_name, user_password which may confuse with existing
login arg username and password. Added aliases prefixed ith login_ to
help distinguish.
* Module DOCUMENTATION should match argspec
Large update of many modules so that DOCUMENTATION option name and
aliases match those defined in the argspec.
Issues identified by https://github.com/ansible/ansible/pull/34809
In addition to many typos and missing aliases, the following notable
changes were made:
* Create `module_docs_fragments/url.py` for `url_argument_spec`
* `dellos*_command` shouldn't have ever had `waitfor` (was incorrectly copied)
* `ce_aaa_server_host.py` `s/raduis_server_type/radius_server_type/g`
* `Junos_lldp` enable should be part of `state`.
* Add validation for the next to last line of a module
* Fix last error code
* Reduce to a single conditional
* Fix conditionals
* Move the final warnings statement to main() in mysql_replication
This fix removes a deprecated Postgresql User role attribute
called 'CREATEUSER' and 'NOCREATEUSER'. Also, updated documentation
for deprecation.
Fixes: #24928
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Bulk pep8 fixes - hand crafted
Fix by hand the remaining issues that autopep8 couldn't
* Next batch of hand crafted pep8 fixes
* Ignore W503
https://github.com/PyCQA/pycodestyle/pull/499
* Revert more of W503
This fix adds additional check to get details about roles
from pg_roles instead of pg_authid. On AWS RDS instances,
access to pg_authid is restricted for security reasons.
Fixes: #32358
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Bug fix: Permissions were not parsed correctly if the database name contains a colon (:) character. For example, a privilege string of "*.*:USAGE/`lnx-www-prod:wordpress`.*:ALL" would fail with "invalid privileges string: Invalid privileges specified: frozenset(['WORDPRESS`.*'])". This 1-line fix works around the problem.
This fix allows user to specify alternative maintenance DB
required for initial connection in Postgresql_db module.
Also, adds pep8 related fixes.
Fixes: #30017
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds handling of error/exception message using
to_native API instead of decoding.
Also, fixes PEP8 errors.
Fixes: #31825
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
This fix adds documentation update and example update
for user's password expiration option 'expire' in postgresql_user.
Now, option is more clear and explicit about default value.
Fixes: #30195
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
The fix adds exception handling while user add operation in
postgresql_user module.
Fixes: #29738
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
It could be something like '10beta4', which StrictVersion() would
reject. When Postgres 10 is released, it will be '10', which
StrictVersion() would STILL reject.
Fortunately, psycopg2 has a 'server_version' connection attribute that
is guaranteed to be an integer like 90605 for version 9.6.5, or 100000
for version 10. We can safely use this for version-specific code.
* Update elasticsearch_plugin.py
Change module to work with Elasticsearch 2.x and 5.x automatically.
Update examples and docs.
Supersedes #21989
* Check system paths for elasticsearch-plugin binary
Use get_bin_path from basic.py for searching paths.
* Create a copy of PLUGIN_BIN_PATHS rather than modifying the global
* Use provided plugin_bin path first before trying other places
Change global PLUGIN_BIN_PATHS to a tuple
Fix adds missing imports and boilerplate for proxysql.
It also remove get_exception calls in-favor of native exception.
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* Allow creation of user with localhost exception.
Fixes#22791
When access control is enabled, Mongo allows a user to be created from
localhost (called the "localhost exception":
https://docs.mongodb.com/v3.2/core/security-users/#localhost-exception).
When the `update_password` parameter was added to this module in
Ansible 2.1, this functionality was broken due to a query performed
before `user_add()` is called. This fix only performs the query when
when `update_password` is set to `on-create`, allowing a user to be
created via the localhost exception.
* Only set `password = None` when user exists.
* Feature #2731: added postgres import and dump
* Feature #2731: be more permissive of arguments
```
hacking/test-module -m ./ppostgresql_db.py -a "db=example state=dump target=/tmp/out"`
```
failed previously since host, user, and port were required as keywords
in the pg_dump / pg_import methods.
* Feature #2731: fixed doc string for validate-modules
```
$ ansible-validate-modules database/postgresql/
```
now passes.
* Feature #2731: disable 'password' for dump/restore
* Feature #2731: bump added version to 2.3
* Feature #2731: replace db_import with db_restore
* Feature #2731: add missing version description
* Feature #2731: fix 'state' description
* Feature #2731: fix pep8 issues
* Feature #2731: put state documentation in a single string
* Bump added version from 2.3 to 2.4
* Fix pep8 and pylint errors
* Attempt yaml formatting of documentation string
* Add integration tests for postgres_db:dump/restore
* Update dump/restore logic to support new kw-args
Also attempt to support password; integration tests are
still failing.
* Revert to postgres user for dump/restore
Passing PGPASSWORD is not working for subprocesses. For the
moment, reverting to the strategy of failing if login_password
is set and using `postgres` for all testing of dump/restore.
* Various cleanups to have tests passing
* Working tests for {sql,tar} x {,bz2,gz,xz}
* Use pg_user to support FreeBSD
* Revert login_ prefixes and re-enable password support
All `login_` keywords are mapped to their non-prefix versions
so the previous changes were effectively using `postgres` for
all actions. With the proper keywords, PGPASSWORD-passing to
the subprocess is now working.
* Optionally add password
environ_update doesn't handle None values in the
dictionary to be added to the environment. Adding
check.
* Quick fixes
* Refactor login arguments after fixes from pchauncey
The fixes introduced by pchaunchy pointed to further issues
(like no --dbname on PG<=9.2) with the login parameters. This
refactors them and adds further tests.
Note: this will still not pass integration tests due to a further
issue with pg_dump as a non-admin user:
pg_restore: [archiver (db)] Error while PROCESSING TOC:
pg_restore: [archiver (db)] Error from TOC entry 1925; 0 0 COMMENT EXTENSION plpgsql
pg_restore: [archiver (db)] could not execute query: ERROR: must be owner of extension plpgsql
* Introduce target_opts for passing limiting dumped/restored schemas
The current integration tests (PG version and template DBs) don't
permit a regular user (`{{ db_user1 }}`) access to plpgsql causing
restores to fail. By adding an option for passing arbitrary args to
pg_dump and pg_restore, testing is made easier. This also paves the
way for `-j` usage, once the PG version is bumped.
* postgresql_user module - transaction logic hacks to allow recovery from failed select
* postgresql_user - PEP8 and style fixes to make debugging easier
* postgresql_user - move password changing logic to separate function
* postgresql_user - trap failure in case where there is no access to pg_authid
* postgresql_user - further PEP8 fixes
* postgresql_user - Simplify password change logic and improve imports according to suggestions from PR review
* postgresql_user - Eliminate pep8/blank line errors introduced in merge
* Check behaviour when pg_authid relation isn't readable
TASK [postgresql : Normal user isn't allowed to access pg_authid relation:
password comparison will fail, password will be updated] ***
An exception occurred during task execution. To see the full traceback,
use -vvv. The error was: psycopg2.ProgrammingError: permission denied
for relation pg_authid
* Don't reintroduce passlib, remove useless query
* Factorize tests related to no_password_change using an include task
* Refactor: deduplicate tasks
* postgresql_user: test 'expires' parameter
* Change 'valid until' even it's the only updated field
* value is changed when another value is provided
* value isn't returned when unset
* Remove unused variable
* psycopg2.extras.DictRow is able to handle comparison
* postgresql_user: simplify helper method
* postgresql_user: define variable just before using it
* Fix comparison between user input and applied configuration
* new test: adding an invalid attribute
* Refactor, add cleaning task
* Check that using same attribute a 2nd time does nothing
* Always try to remove created user
* postgresql_user: fix pep8
When an unchanged MD5-hashed password was used and passlib was
unavailable, an useless 'ALTER USER' query was executed.
Once this useless query avoided, the last 'SELECT' query becomes
useless too.
cosmix
Strahinja Kustudic
René Moser
John R Barker
Dag Wieers
Artem Zinenko
jctanner
Vitaliy Zhhuta
bmildren
Abhijeet Kasurde
Branko Majic
Matt Clay
dramaley
Sam Doran
Toshio Kuratomi
Abhijit Menon-Sen
Andreas Olsson
Sam Doran
Roman Nozdrin
Aleksandr Vinokurov
alex lustenberg
Will Thames
Robin Roth
Morgan Robertson
Josh Moore
Michael De La Rue
Pilou