VhjddlmZmZmZeZdZdZddlm Z dZ Gdde Z dZ ed k(re y y ) )absolute_importdivisionprint_functiona module: capabilities short_description: Manage Linux capabilities description: - This module manipulates files privileges using the Linux capabilities(7) system. extends_documentation_fragment: - community.general.attributes attributes: check_mode: support: full diff_mode: support: none options: path: description: - Specifies the path to the file to be managed. type: str required: true aliases: [key] capability: description: - Desired capability to set (with operator and flags, if O(state=present)) or remove (if O(state=absent)). type: str required: true aliases: [cap] state: description: - Whether the entry should be present or absent in the file's capabilities. type: str choices: [absent, present] default: present notes: - The capabilities system will automatically transform operators and flags into the effective set, so for example, C(cap_foo=ep) will probably become C(cap_foo+ep). - This module does not attempt to determine the final operator and flags to compare, so you will want to ensure that your capabilities argument matches the final capabilities. author: - Nate Coraor (@natefoo) a$ - name: Set cap_sys_chroot+ep on /foo community.general.capabilities: path: /foo capability: cap_sys_chroot+ep state: present - name: Remove cap_net_bind_service from /bar community.general.capabilities: path: /bar capability: cap_net_bind_service state: absent ) AnsibleModule)=-+c4eZdZdZdZdZdZdZdZddZ y) CapabilitiesModuleLinuxNc||_|jdj|_|jdjj |_|jd|_|jdd|_|jdd|_ |j|j |j dk( |_ |jy) Npath capabilitystategetcapT)requiredsetcappresent) op_required) moduleparamsstriprlowerrr get_bin_path getcap_cmd setcap_cmd _parse_capcapability_tuprun)selfrs r/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/general/plugins/modules/capabilities.py__init__zCapabilitiesModule.__init__Js MM&)//1  -- 5;;=CCE]]7+  --h-F --h-F"oodoo4::YbKboc  c jj}|Dcgc]}|d }}jdk(rj|vrjj rjj ddnttfd|}|jjjj djdjj|njdk(rjd|vrjj rjj ddnRtfd |}jj djdjj|jj d j ycc}w) NrrTzcapabilities changed)changedmsgc.|djdk7SNrrxr s r!z(CapabilitiesModule.run..`s!8K8KA8N0Nr#)r%rr&stdoutabsentc.|djdk7Sr(r)r*s r!r,z(CapabilitiesModule.run..js1Q443F3Fq3I+Ir#F)r%r) rrrrr check_mode exit_jsonlistfilterappendr)r currentcapcapss` r!rzCapabilitiesModule.runUs++dii(")*3A** :: "t':':''I{{%% %%d8N%Ov&NPWXYt223 %%d$**J`imitituyu~u~AHjI%J ZZ8 #(;(;A(>$(F{{%% %%d8N%O!!I7S %%d$**J`imitituyu~u~AHjI%J e4::>)+s Gcg}|jd|}|jj|\}}}|dk7s|dk7r/|jjd|z|j ||j |k7rd|vr1|j ddj j }n/|j dj j }|D]~}|j }d|vrH|j d} |j| d \| d <} } | D]} |j| | | f_|j|j||S) Nz -v rz Unable to get capabilities of %sr&r-stderrz =,) rr run_command fail_jsonrsplitrrr4) r rrvalcmdrcr-r;r7r6 cap_groupopflagssubcaps r!rzCapabilitiesModule.getcapnsT OOT2![[44S9FF 7fl KK ! !&H4&OX^XdXdXfou ! v <<>T !v~||D)!,224::<||~a(..0668 6iik#: # #I/3y}/M,IbM2u"+9 VR$789KK 45 6 r#c dj|Dcgc]}dj|c}}|jd|d|}|jj|\}}}|dk7r"|jj d|z||y|Scc}w)N r9z 'z' rz Unable to set capabilities of %sr:)joinrrr?r@)r rr7r6rCrDr-r;s r!rzCapabilitiesModule.setcapsxx6#67"ootT:![[44S9FF 7 KK ! !&H4&OX^gm ! nM 7sB c"d} d}|dk(r#|jt|}|dz }|dk(r#||}|j |\}}|||fS#t$r9|r-|jj dt tzn|ddfcYSY_wxYw)Nr>rr<z#Couldn't find operator (one of: %s))r&)findOPS Exceptionrr@strrA)r r6ropindirFrGs r!rzCapabilitiesModule._parse_caps )A2+Q(Q2+ZYYr] UR ) %%*ORUVYRZ*Z%[T4((\ )s)A =B B)T) __name__ __module__ __qualname__platform distributionr"rrrrr#r!r r Fs&HL ?2B r#r c tttdddgtdddgtddddg d }t|y) NrPTkey)typeraliasesr6rr.)r[defaultchoices)rrr) argument_specsupports_check_mode)rdictr )rs r!mainrbsP 54%AwGE9x>ST ! Fvr#__main__N) __future__rrrr[ __metaclass__ DOCUMENTATIONEXAMPLESansible.module_utils.basicrrNobjectr rbrSrXr#r!rjsTA@ & P 5` ` L  zFr#