open(path) throws an error when called on a directory or UNIX socket,
and therefore a check to ensure that the path is absent will always
succeed when there is a directory or file located there.
This updates the check to use os.access(path, os.F_OK) instead, which
instead just checks that the path exists instead of trying to open it as
a file, and therefore properly handles directories and sockets.
This causes a slight semantic change in how permissions are handled.
The existing code will fail to work correctly if the user running the
module on the managed host has no read access to the path specified.
The new code will work correctly in that situation.
Both versions fail if the user can't traverse the parent directory.
I've also added a check to the try block to catch OSError. I've seen
this call fail with an OSError on rare occasion in the face of odd
extended permissions (usually MAC configuration) in cases where it
should technically return False. In such cases, the file is functionally
inaccessible to the user making the call, so it's essentially not there,
but it can't be created by them either. I've documented this, as well as
the fact that the bug this change fixes exists, and a rather nasty
inconsistency involving symbloic handling that I stumbled across while
testing this change.
Fixes: #20870
* wait_for: treat broken connections as "unready"
We have observed the following condition while waiting for hosts:
```
Traceback (most recent call last):
File "/var/folders/f8/23xp00654plcv2b2tcc028680000gn/T/ansible_8hxm4_/ansible_module_wait_for.py", line 585, in <module>
main()
File "/var/folders/f8/23xp00654plcv2b2tcc028680000gn/T/ansible_8hxm4_/ansible_module_wait_for.py", line 535, in main
s.shutdown(socket.SHUT_RDWR)
File "/usr/local/opt/python/Frameworks/Python.framework/Versions/2.7/lib/python2.7/socket.py", line 228, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 57] Socket is not connected
```
This appears to happen while the host is still starting; we believe something is
accepting our connection but immediately resetting it. In these cases, we'd
prefer to continue waiting instead of immediately failing the play.
This patch has been applied locally for some time, and we have seen no adverse
effects.
* wait_for: fixup change
We were missing an import and a space after the `#`
Made the following changes:
* Removed wildcard imports
* Replaced long form of GPL header with short form
* Removed get_exception usage
* Added from __future__ boilerplate
* Adjust division operator to // where necessary
For the following files:
* web_infrastructure modules
* system modules
* linode, lxc, lxd, atomic, cloudscale, dimensiondata, ovh, packet,
profitbricks, pubnub, smartos, softlayer, univention modules
* compat dirs (disabled as its used intentionally)
* Mutually reference Windows and non-Windows modules
To make it easier for Windows or non-Windows users to find the relevant
module information, we are mutually referencing both variants in their
documentation.
We are also adding a special note if a module works on both Windows and
non-Windows targets.
* Mutually reference Windows and non-Windows modules
To make it easier for Windows or non-Windows users to find the relevant
module information, we are mutually referencing both variants in their
documentation.
We are also adding a special note if a module works on both Windows and
non-Windows targets.
* Replace 'look at' with 'use', as requested
ci_complete
Changes to the metadata format were approved here:
https://github.com/ansible/proposals/issues/54
* Update documentation to the new metadata format
* Changes to metadata-tool to account for new metadata
* Add GPL license header
* Add upgrade subcommand to upgrade metadata version
* Change default metadata to the new format
* Fix exclusion of non-modules from the metadata report
* Fix ansible-doc for new module metadata
* Exclude metadata version from ansible-doc output
* Fix website docs generation for the new metadata
* Update metadata schema in valiate-modules test
* Update the metadata in all modules to the new version
* Update validate-modules
* Validates ANSIBLE_METADATA
* Ensures imports happen after documentation vars
* Some pep8 cleanup
* Clean up some left over unneeded code
* Update modules for new module guidelines and validate-modules checks
* Update imports for ec2_vpc_route_table and ec2_vpc_nat_gateway
* Change example syntax on authorized_key module
* Change example syntax on cron module
* Change example syntax on group module
* Change example syntax on hostname module
* Change example syntax on seboolean module
* Change example syntax on selinux module
* Change example syntax on service module
* Change example syntax on sysctl module
* Change example syntax on systemd module
* Change example syntax on user module
* Change example syntax on debug module
* Change example syntax on fail module
* Change example syntax on include module
* Change example syntax on include_role module
* Change example syntax on include_vars module
* Change example syntax on pause module
* Change example syntax on wait_for module
* Change example syntax on apache2_module module
* > Change example syntax on django_manage module
* Change example syntax on htpasswd module
There are established connections for a service. The service is bound to a ipv4-mapped ipv6 address. Wait_for wrongly waits for clients listed in exclude_hosts.
* reading from a socket that gave some data we weren't looking for and
then closed.
* read from a socket that stays open and never sends data.
* reading from a socket that sends data but not the data we're looking
for.
Fixes#2051
Adam Miller
Austin S. Hemmelgarn
sethp-nr
Brian Coca
Toshio Kuratomi
Matt Clay
Dag Wieers
Abhijeet Kasurde
James Cammarata
Brian Coca
Chen Zhiwei
Brian-Williams
Matt Martz
Søren Kröger
zaiusdr
Sam Doran
Stanislav Antic
Michael Scherer
vaupelt
Toshio Kuratomi
Lars Larsson
Andrey Trubachev
Greg DeKoenigsberg
Gerard Lynch
Michael DeHaan