diff options
| author | Sam Doran <sdoran@redhat.com> | 2021-01-11 01:55:15 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-11 00:55:15 -0600 |
| commit | b22d97b2c1cb03d1ab112196bd931ee83ef2485d (patch) | |
| tree | d20ab1e34bda7322caf4f09cd211dc4ca827c37b | |
| parent | 1cd09b1ebcba3f54d31bdb0cf884bb2ab02d26d3 (diff) | |
| download | ansible-b22d97b2c1cb03d1ab112196bd931ee83ef2485d.tar.gz | |
[stable-2.10] Fix string/bytestring comparsion in m_u.basic (#70439) (#73129)
Change:
- module_utils.basic.is_special_selinux_path() used a string ==
bytestring comparison which returned False and made Ansible think that
certain filesystems aren't, in fact, special-cased, when they should
be. Ensure both sides of the == are bytestrings.
Test Plan:
- Added `copy` integration tests for this case.
Tickets:
- Fixes #70244
Signed-off-by: Rick Elrod <rick@elrod.me>.
(cherry picked from commit 688cd8657bcd4610aa268913be67e76778bc6940)
| -rw-r--r-- | changelogs/fragments/70244-selinux-special-fs.yml | 2 | ||||
| -rw-r--r-- | lib/ansible/module_utils/basic.py | 5 | ||||
| -rw-r--r-- | test/integration/targets/copy/tasks/selinux.yml | 35 |
3 files changed, 40 insertions, 2 deletions
diff --git a/changelogs/fragments/70244-selinux-special-fs.yml b/changelogs/fragments/70244-selinux-special-fs.yml new file mode 100644 index 0000000000..e4a596bb64 --- /dev/null +++ b/changelogs/fragments/70244-selinux-special-fs.yml @@ -0,0 +1,2 @@ +bugfixes: + - Fix bytestring vs string comparison in module_utils.basic.is_special_selinux_path() so that special-cased filesystems which don't support SELinux context attributes still allow files to be manipulated on them. (https://github.com/ansible/ansible/issues/70244) diff --git a/lib/ansible/module_utils/basic.py b/lib/ansible/module_utils/basic.py index 24d225f5c1..cd190f5096 100644 --- a/lib/ansible/module_utils/basic.py +++ b/lib/ansible/module_utils/basic.py @@ -978,11 +978,12 @@ class AnsibleModule(object): f.close() except Exception: return (False, None) + path_mount_point = self.find_mount_point(path) + for line in mount_data: (device, mount_point, fstype, options, rest) = line.split(' ', 4) - - if path_mount_point == mount_point: + if to_bytes(path_mount_point) == to_bytes(mount_point): for fs in self._selinux_special_fs: if fs in fstype: special_context = self.selinux_context(path_mount_point) diff --git a/test/integration/targets/copy/tasks/selinux.yml b/test/integration/targets/copy/tasks/selinux.yml new file mode 100644 index 0000000000..6bd3b04f6f --- /dev/null +++ b/test/integration/targets/copy/tasks/selinux.yml @@ -0,0 +1,35 @@ +# Ensure that our logic for special filesystems works as intended +# https://github.com/ansible/ansible/issues/70244 +- block: + - name: Install dosfstools + yum: + name: dosfstools + state: present + + - name: Create a file to use for a fat16 filesystem + command: dd if=/dev/zero of=/fat16 bs=1024 count=10240 + + - name: mkfs.fat + command: mkfs.fat -F16 /fat16 + + - name: Mount it + command: mount /fat16 /mnt + + - name: Copy a file to it + copy: + src: /etc/fstab + dest: /mnt/fstab + always: + - name: Unmount it + command: umount /mnt + ignore_errors: true + + - name: Nuke /fat16 + file: + path: /fat16 + state: absent + + - name: Uninstall dosfstools + yum: + name: dosfstools + state: absent |