Merge c19d766d3a into b39ee97ccc

Add changelog fragment for deprecated imports fix
Added changelog entry documenting the bugfixes for synchronize and mount modules' deprecated import issues. Related to #686 Co-authored-by: Cursor AI Signed-off-by: Pavel Bar <pbar@redhat.com>
2026-01-11 15:15:26 +01:00 · 2025-11-28 14:48:59 +00:00 · 2025-11-28 16:48:14 +02:00 · 2025-11-28 16:48:14 +02:00 · 2025-11-28 16:48:14 +02:00 · 2025-11-28 16:48:14 +02:00
8 changed files with 72 additions and 19 deletions
--- a/README.md
+++ b/README.md
@ -2,7 +2,7 @@
 <!-- Add CI and code coverage badges here. Samples included below. -->
 [![Build Status](
 https://dev.azure.com/ansible/ansible.posix/_apis/build/status/CI?branchName=main)](https://dev.azure.com/ansible/ansible.posix/_build?definitionId=26)
-[![Run Status](https://api.shippable.com/projects/5e669aaf8b17a60007e4d18d/badge?branch=main)]() <!--[![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/ansible.posix)](https://codecov.io/gh/ansible-collections/ansible.posix)-->
+[![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/ansible.posix)](https://codecov.io/gh/ansible-collections/ansible.posix)
 ## Communication
--- a/changelogs/fragments/639_fix_authorized_key.yml
+++ b/changelogs/fragments/639_fix_authorized_key.yml
@ -0,0 +1,3 @@
 ---
 bugfixes:
  - ansible.posix.authorized_key - fixes error on permission denied in authorized_key module (https://github.com/ansible-collections/ansible.posix/issues/462).
--- a/changelogs/fragments/686_fix_deprecated_imports.yml
+++ b/changelogs/fragments/686_fix_deprecated_imports.yml
@ -0,0 +1,4 @@
 ---
 bugfixes:
  - synchronize - fix deprecated ``ansible.module_utils._text`` and ``ansible.module_utils.common._collections_compat`` imports (https://github.com/ansible-collections/ansible.posix/issues/686).
  - mount - fix deprecated ``ansible.module_utils._text`` import (https://github.com/ansible-collections/ansible.posix/issues/686).
--- a/plugins/action/synchronize.py
+++ b/plugins/action/synchronize.py
@ -18,12 +18,11 @@ from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type
 import os.path
 from collections.abc import MutableSequence
 from shlex import quote as shlex_quote
 from ansible import constants as C
-from ansible.module_utils.six import string_types
+from ansible.module_utils.common.text.converters import to_text
 from ansible.module_utils.six.moves import shlex_quote
 from ansible.module_utils._text import to_text
 from ansible.module_utils.common._collections_compat import MutableSequence
 from ansible.module_utils.parsing.convert_bool import boolean
 from ansible.plugins.action import ActionBase
 from ansible.plugins.loader import connection_loader
@ -417,7 +416,7 @@ class ActionModule(ActionBase):
            # Replicate what we do in the module argumentspec handling for lists
            if not isinstance(_tmp_args.get('rsync_opts'), MutableSequence):
                tmp_rsync_opts = _tmp_args.get('rsync_opts', [])
-                if isinstance(tmp_rsync_opts, string_types):
+                if isinstance(tmp_rsync_opts, str):
                    tmp_rsync_opts = tmp_rsync_opts.split(',')
                elif isinstance(tmp_rsync_opts, (int, float)):
                    tmp_rsync_opts = [to_text(tmp_rsync_opts)]
--- a/plugins/modules/authorized_key.py
+++ b/plugins/modules/authorized_key.py
@ -225,6 +225,8 @@ import os.path
 import tempfile
 import re
 import shlex
 import errno
 import traceback
 from operator import itemgetter
 from ansible.module_utils._text import to_native
@ -475,16 +477,18 @@ def parsekey(module, raw_key, rank=None):
    return (key, key_type, options, comment, rank)
-def readfile(filename):
+def readfile(module, filename):
    if not os.path.isfile(filename):
        return ''
    f = open(filename)
    try:
        with open(filename, 'r') as f:
            return f.read()
-    finally:
+    except IOError as e:
-        f.close()
+        if e.errno == errno.EACCES:
            module.fail_json(msg="Permission denied on file or path for authorized keys file: %s" % filename,
                             exception=traceback.format_exc())
        elif e.errno == errno.ENOENT:
            return ''
        else:
            raise
 def parsekeys(module, lines):
@ -597,7 +601,7 @@ def enforce_state(module, params):
    # check current state -- just get the filename, don't create file
    do_write = False
    params["keyfile"] = keyfile(module, user, do_write, path, manage_dir)
-    existing_content = readfile(params["keyfile"])
+    existing_content = readfile(module, params["keyfile"])
    existing_keys = parsekeys(module, existing_content)
    # Add a place holder for keys that should exist in the state=present and
--- a/plugins/modules/mount.py
+++ b/plugins/modules/mount.py
@ -225,8 +225,7 @@ import platform
 from ansible.module_utils.basic import AnsibleModule
 from ansible_collections.ansible.posix.plugins.module_utils.mount import ismount
-from ansible.module_utils.six import iteritems
+from ansible.module_utils.common.text.converters import to_bytes, to_native
 from ansible.module_utils._text import to_bytes, to_native
 from ansible.module_utils.parsing.convert_bool import boolean
@ -279,7 +278,7 @@ def _set_mount_save_old(module, args):
    old_lines = []
    exists = False
    changed = False
-    escaped_args = dict([(k, _escape_fstab(v)) for k, v in iteritems(args)])
+    escaped_args = dict([(k, _escape_fstab(v)) for k, v in args.items()])
    new_line = '%(src)s %(name)s %(fstype)s %(opts)s %(dump)s %(passno)s\n'
    if platform.system() == 'SunOS':
--- a/tests/integration/targets/authorized_key/tasks/check_permissions.yml
+++ b/tests/integration/targets/authorized_key/tasks/check_permissions.yml
@ -0,0 +1,41 @@
 ---
 # -------------------------------------------------------------
 # check permissions
 - name: Create a file that is not accessible
  ansible.builtin.file:
    state: touch
    path: "{{ output_dir | expanduser }}/file_permissions"
    owner: root
    mode: '0000'
 - name: Create unprivileged user
  ansible.builtin.user:
    name: nopriv
    create_home: true
 - name: Try to delete a key from an unreadable file
  become: true
  become_user: nopriv
  ansible.posix.authorized_key:
    user: root
    key: "{{ dss_key_basic }}"
    state: absent
    path: "{{ output_dir | expanduser }}/file_permissions"
  register: result
  ignore_errors: true
 - name: Assert that the key deletion has failed
  ansible.builtin.assert:
    that:
      - result is failed
 - name: Remove the file
  ansible.builtin.file:
    state: absent
    path: "{{ output_dir | expanduser }}/file_permissions"
 - name: Remove the user
  ansible.builtin.user:
    name: nopriv
    state: absent
--- a/tests/integration/targets/authorized_key/tasks/main.yml
+++ b/tests/integration/targets/authorized_key/tasks/main.yml
@ -34,3 +34,6 @@
 - name: Test for specifying key as a path
  ansible.builtin.import_tasks: check_path.yml
 - name: Test for permission denied files
  ansible.builtin.import_tasks: check_permissions.yml
Author	SHA1	Message	Date
Pavel Bar	5c76460a6f	Merge `c19d766d3a` into `b39ee97ccc`	2025-11-28 14:48:59 +00:00
Pavel Bar	c19d766d3a	Add changelog fragment for deprecated imports fix Added changelog entry documenting the bugfixes for synchronize and mount modules' deprecated import issues. Related to #686 Co-authored-by: Cursor AI Signed-off-by: Pavel Bar <pbar@redhat.com>	2025-11-28 16:48:14 +02:00
Pavel Bar	5b071d26ba	Fix additional six deprecations for CI compliance Replace deprecated ansible.module_utils.six imports with Python 3 standard library equivalents to pass pylint sanity checks. synchronize.py: - ansible.module_utils.six.string_types → str - ansible.module_utils.six.moves.shlex_quote → shlex.quote mount.py: - ansible.module_utils.six.iteritems → dict.items() Related to #686 Co-authored-by: Cursor AI Signed-off-by: Pavel Bar <pbar@redhat.com>	2025-11-28 16:48:14 +02:00
Pavel Bar	708df85118	Fix deprecated module_utils imports in mount These deprecated imports will be removed in ansible-core 2.24. Updated to use the new recommended import paths. - ansible.module_utils._text → ansible.module_utils.common.text.converters Related to #686 Co-authored-by: Cursor AI Signed-off-by: Pavel Bar <pbar@redhat.com>	2025-11-28 16:48:14 +02:00
Pavel Bar	60bc3e3634	Fix deprecated module_utils imports in synchronize These deprecated imports will be removed in ansible-core 2.24. Updated to use the new recommended import paths. - ansible.module_utils._text → ansible.module_utils.common.text.converters - ansible.module_utils.common._collections_compat → collections.abc Fixes #686 Co-authored-by: Cursor AI Signed-off-by: Pavel Bar <pbar@redhat.com>	2025-11-28 16:48:14 +02:00
softwarefactory-project-zuul[bot]	b39ee97ccc	Merge pull request #677 from shenxianpeng/patch-1 docs: fix broken badge and restore coverage badge SUMMARY Replaced the outdated Shippable badge and active Codecov coverage badge, like other repos in ansible-collections org ISSUE TYPE Docs Pull Request COMPONENT NAME ADDITIONAL INFORMATION Reviewed-by: Hideki Saito <saito@fgrep.org>	2025-11-28 07:14:56 +00:00
softwarefactory-project-zuul[bot]	72a6eb9729	Merge pull request #639 from Klaas-/Klaas-fix_authorized_key Fixes #462 notice permission denied on authorized_key module SUMMARY As of right now the authorized_key module does not notice on an "absent" if a authorized_keys file is simply not readable to the executing user. I am trying to fix that ISSUE TYPE Bugfix Pull Request COMPONENT NAME authorized_key ADDITIONAL INFORMATION Execute as a user that does not have access to the root users authorized keys file - name: Delete key from root user ansible.posix.authorized_key: state: absent user: root key: ssh-rsa xxxxxxxx - name: Delete key from root user become: true ansible.posix.authorized_key: state: absent user: root key: ssh-rsa xxxxxxxx The one without become will succeed before my change and will fail with a permission denied error after my change. The 2nd task will actually remove a key from root user if become privileges are available for the executing user Reviewed-by: Brian Coca Reviewed-by: Klaas Demter Reviewed-by: Felix Fontein <felix@fontein.de> Reviewed-by: Hideki Saito <saito@fgrep.org>	2025-11-28 03:25:21 +00:00
Klaas Demter	9651a19805	change result.failed==True to result is failed in check_permissions.yml Co-authored-by: Felix Fontein <felix@fontein.de>	2025-10-22 08:29:46 +02:00
Klaas Demter	413ab782a8	Fixes #462 notice permission denied on authorized_key module	2025-10-21 10:00:12 +02:00
Xianpeng Shen	cda2e0657f	docs: fix broken badge and restore coverage badge	2025-08-14 14:33:30 +03:00