40 lines
1.3 KiB
Diff
40 lines
1.3 KiB
Diff
From da6adc6984f21c0d93afff0b0ff55d0eb0ee3e9f Mon Sep 17 00:00:00 2001
|
|
From: Alexander Graul <agraul@suse.com>
|
|
Date: Tue, 17 Aug 2021 11:52:00 +0200
|
|
Subject: [PATCH] Don't use shell="/sbin/nologin" in requisites
|
|
|
|
Using shell="/sbin/nologin" in an onlyif/unless requisite does not
|
|
really make sense since the condition can't be run. shell=/sbin/nologin
|
|
is also a common argument, e.g. for user.present.
|
|
|
|
Fixes: bsc#1188259
|
|
---
|
|
salt/state.py | 9 +++++++--
|
|
1 file changed, 7 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/salt/state.py b/salt/state.py
|
|
index cb434a91e7..cda84a0fcb 100644
|
|
--- a/salt/state.py
|
|
+++ b/salt/state.py
|
|
@@ -986,9 +986,14 @@ class State:
|
|
cmd_opts[run_cmd_arg] = low_data.get(run_cmd_arg)
|
|
|
|
if "shell" in low_data and "shell" not in cmd_opts_exclude:
|
|
- cmd_opts["shell"] = low_data["shell"]
|
|
+ shell = low_data["shell"]
|
|
elif "shell" in self.opts["grains"]:
|
|
- cmd_opts["shell"] = self.opts["grains"].get("shell")
|
|
+ shell = self.opts["grains"].get("shell")
|
|
+ else:
|
|
+ shell = None
|
|
+ # /sbin/nologin always causes the onlyif / unless cmd to fail
|
|
+ if shell is not None and shell != "/sbin/nologin":
|
|
+ cmd_opts["shell"] = shell
|
|
|
|
if "onlyif" in low_data:
|
|
_ret = self._run_check_onlyif(low_data, cmd_opts)
|
|
--
|
|
2.39.2
|
|
|
|
|