#!/usr/bin/python # Copyright (c) 2013, Jeroen Hoekx # Copyright (c) 2016, Matt Robinson # Copyright (c) 2017, Dag Wieers # Copyright (c) 2017, Ansible Project # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) # SPDX-License-Identifier: GPL-3.0-or-later from __future__ import annotations DOCUMENTATION = r""" author: - Jeroen Hoekx (@jhoekx) - Matt Robinson (@ribbons) - Dag Wieers (@dagwieers) module: iso_extract short_description: Extract files from an ISO image description: - This module has two possible ways of operation. - If 7zip is installed on the system, this module extracts files from an ISO into a temporary directory and copies files to a given destination, if needed. - If the user has mount-capabilities (CAP_SYS_ADMIN on Linux) this module mounts the ISO image to a temporary location, and copies files to a given destination, if needed. requirements: - Either 7z (from C(7zip) or C(p7zip) package) - Or mount capabilities (root-access, or CAP_SYS_ADMIN capability on Linux) extends_documentation_fragment: - community.general.attributes attributes: check_mode: support: full diff_mode: support: none options: image: description: - The ISO image to extract files from. type: path required: true aliases: [path, src] dest: description: - The destination directory to extract files to. type: path required: true files: description: - A list of files to extract from the image. - Extracting directories does not work. type: list elements: str required: true force: description: - If V(true), it replaces the remote file when contents are different than the source. - If V(false), the file is only extracted and copied if the destination does not already exist. type: bool default: true executable: description: - The path to the C(7z) executable to use for extracting files from the ISO. - If not provided, it assumes the value V(7z). type: path password: description: - Password used to decrypt files from the ISO. - It is only used if C(7z) is used. - The password is used as a command line argument to 7z. This is a B(potential security risk) that allows passwords to be revealed if someone else can list running processes on the same machine in the right moment. type: str version_added: 10.1.0 notes: - Only the file checksum (content) is taken into account when extracting files from the ISO image. If O(force=false), only checks the presence of the file. """ EXAMPLES = r""" - name: Extract kernel and ramdisk from a LiveCD community.general.iso_extract: image: /tmp/rear-test.iso dest: /tmp/virt-rear/ files: - isolinux/kernel - isolinux/initrd.cgz """ RETURN = r""" # """ import os.path import shutil import tempfile from ansible.module_utils.basic import AnsibleModule def main(): module = AnsibleModule( argument_spec=dict( image=dict(type="path", required=True, aliases=["path", "src"]), dest=dict(type="path", required=True), files=dict(type="list", elements="str", required=True), force=dict(type="bool", default=True), password=dict(type="str", no_log=True), executable=dict(type="path"), # No default on purpose ), supports_check_mode=True, ) image = module.params["image"] dest = module.params["dest"] files = module.params["files"] force = module.params["force"] password = module.params["password"] executable = module.params["executable"] result = dict( changed=False, dest=dest, image=image, ) # We want to know if the user provided it or not, so we set default here if executable is None: executable = "7z" binary = module.get_bin_path(executable, None) # When executable was provided and binary not found, warn user ! if module.params["executable"] is not None and not binary: module.warn(f"Executable '{executable}' is not found on the system, trying to mount ISO instead.") if not os.path.exists(dest): module.fail_json(msg=f"Directory '{dest}' does not exist") if not os.path.exists(os.path.dirname(image)): module.fail_json(msg=f"ISO image '{image}' does not exist") result["files"] = [] extract_files = list(files) if not force: # Check if we have to process any files based on existence for f in files: dest_file = os.path.join(dest, os.path.basename(f)) if os.path.exists(dest_file): result["files"].append( dict( checksum=None, dest=dest_file, src=f, ) ) extract_files.remove(f) if not extract_files: module.exit_json(**result) tmp_dir = tempfile.mkdtemp() # Use 7zip when we have a binary, otherwise try to mount if binary: cmd = [binary, "x", image, f"-o{tmp_dir}"] if password: cmd += [f"-p{password}"] cmd += extract_files else: cmd = [module.get_bin_path("mount"), "-o", "loop,ro", image, tmp_dir] rc, out, err = module.run_command(cmd) if rc != 0: result.update( dict( cmd=cmd, rc=rc, stderr=err, stdout=out, ) ) shutil.rmtree(tmp_dir) if binary: module.fail_json(msg=f"Failed to extract from ISO image '{image}' to '{tmp_dir}'", **result) else: module.fail_json( msg=f"Failed to mount ISO image '{image}' to '{tmp_dir}', and we could not find executable '{executable}'.", **result, ) try: for f in extract_files: tmp_src = os.path.join(tmp_dir, f) if not os.path.exists(tmp_src): module.fail_json(msg=f"Failed to extract '{f}' from ISO image", **result) src_checksum = module.sha1(tmp_src) dest_file = os.path.join(dest, os.path.basename(f)) if os.path.exists(dest_file): dest_checksum = module.sha1(dest_file) else: dest_checksum = None result["files"].append( dict( checksum=src_checksum, dest=dest_file, src=f, ) ) if src_checksum != dest_checksum: if not module.check_mode: shutil.copy(tmp_src, dest_file) result["changed"] = True finally: if not binary: module.run_command([module.get_bin_path("umount"), tmp_dir]) shutil.rmtree(tmp_dir) module.exit_json(**result) if __name__ == "__main__": main()