From 52d70d28eac2655a610b57291ca73e6ad33367ea Mon Sep 17 00:00:00 2001 From: Abbijeet Kasurde Date: Thu, 16 Sep 2021 17:32:34 +0800 Subject: [PATCH] [WIP] Add whitelisting for package and service module --- lib/ansible/plugins/action/package.py | 8 ++++++++ lib/ansible/plugins/action/service.py | 5 +++++ 2 files changed, 13 insertions(+) diff --git a/lib/ansible/plugins/action/package.py b/lib/ansible/plugins/action/package.py index 932acccb..18acc856 100644 --- a/lib/ansible/plugins/action/package.py +++ b/lib/ansible/plugins/action/package.py @@ -56,6 +56,14 @@ class ActionModule(ActionBase): module = facts.get('ansible_facts', {}).get('ansible_pkg_mgr', 'auto') if module != 'auto': + if module not in ['apk','apt_rpm','apt','dnf','homebrew_cask', + 'homebrew_tap','homebrew','installp','macports','mas', + 'openbsd_pkg','opkg','pacman','pkg5','pkgin', + 'pkgng','pkgutil','portage','portinstall','slackpkg', + 'snap','sorcery','svr4pkg','swdepot','swupd', + 'urpmi','xbps','yum','zypper']: + raise AnsibleActionFail('Coudld not find a module for package manager %s.' + 'Try setting the "use" option.'% module) if module not in self._shared_loader_obj.module_loader: raise AnsibleActionFail('Could not find a module for %s.' % module) diff --git a/lib/ansible/plugins/action/service.py b/lib/ansible/plugins/action/service.py index 3ebd0ae1..d9b0344b 100644 --- a/lib/ansible/plugins/action/service.py +++ b/lib/ansible/plugins/action/service.py @@ -61,6 +61,11 @@ class ActionModule(ActionBase): module = 'service' if module != 'auto': + # Check if auto detected module is valid module name or not + if module not in ['nosh','openwrt_init','runit', + 'svc','systemd','sysvinit']: + raise AnsibleActionFail('Could not find module for service manager %s.' + 'Try setting the "use" option.') # run the 'service' module new_module_args = self._task.args.copy() if 'use' in new_module_args: -- 2.27.0