ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-05-03 07:41:30 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Proposing fix for Issue #4324; adding support for su in connection plugins ssh, ssh_alt

Browse source 
Fixes for ssh_alt support, adding in references to in_data where appropriate
This commit is contained in:
Paul Durivage 2013-12-17 16:26:58 -06:00
parent 297a28aa79
commit 4088243deb
10 changed files with 246 additions and 78 deletions
Download patch file Download diff file Expand all files Collapse all files

31
lib/ansible/runner/connection_plugins/ssh_old.py
View file

@ -145,7 +145,7 @@ class Connection(object):
return False
return True
def exec_command(self, cmd, tmp_path, sudo_user,sudoable=False, executable='/bin/sh', in_data=None):
def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=False, su_user=None):
''' run a command on the remote host '''
if in_data:
@ -163,7 +163,10 @@ class Connection(object):
ssh_cmd += ['-6']
ssh_cmd += [self.host]
if not self.runner.sudo or not sudoable:
if su and su_user:
sudocmd, prompt, success_key = utils.make_su_cmd(su_user, executable, cmd)
ssh_cmd.append(sudocmd)
elif not self.runner.sudo or not sudoable:
if executable:
ssh_cmd.append(executable + ' -c ' + pipes.quote(cmd))
else:
@ -183,7 +186,6 @@ class Connection(object):
fcntl.lockf(self.runner.output_lockfile, fcntl.LOCK_EX)
try:
# Make sure stdin is a proper (pseudo) pty to avoid: tcgetattr errors
master, slave = pty.openpty()
@ -198,7 +200,8 @@ class Connection(object):
self._send_password()
if self.runner.sudo and sudoable and self.runner.sudo_pass:
if (self.runner.sudo and sudoable and self.runner.sudo_pass) or \
(self.runner.su and su and self.runner.su_pass):
fcntl.fcntl(p.stdout, fcntl.F_SETFL,
fcntl.fcntl(p.stdout, fcntl.F_GETFL) | os.O_NONBLOCK)
sudo_output = ''
@ -208,13 +211,17 @@ class Connection(object):
if p.stdout in rfd:
chunk = p.stdout.read()
if not chunk:
raise errors.AnsibleError('ssh connection closed waiting for sudo password prompt')
raise errors.AnsibleError('ssh connection closed waiting for sudo or su password prompt')
sudo_output += chunk
else:
stdout = p.communicate()
raise errors.AnsibleError('ssh connection error waiting for sudo password prompt')
raise errors.AnsibleError('ssh connection error waiting for sudo or su password prompt')
if success_key not in sudo_output:
stdin.write(self.runner.sudo_pass + '\n')
if sudoable:
stdin.write(self.runner.sudo_pass + '\n')
elif su:
stdin.write(self.runner.su_pass + '\n')
fcntl.fcntl(p.stdout, fcntl.F_SETFL, fcntl.fcntl(p.stdout, fcntl.F_GETFL) & ~os.O_NONBLOCK)
# We can't use p.communicate here because the ControlMaster may have stdout open as well
@ -224,12 +231,18 @@ class Connection(object):
while True:
rfd, wfd, efd = select.select(rpipes, [], rpipes, 1)
# fail early if the sudo password is wrong
# fail early if the sudo/su password is wrong
if self.runner.sudo and sudoable and self.runner.sudo_pass:
incorrect_password = gettext.dgettext(
"sudo", "Sorry, try again.")
if stdout.endswith("%s\r\n%s" % (incorrect_password, prompt)):
raise errors.AnsibleError('Incorrect sudo password')
raise errors.AnsibleError('Incorrect sudo password')
if self.runner.su and su and self.runner.su_pass:
incorrect_password = gettext.dgettext(
"su", "su: Authentication failure")
if stdout.endswith("%s\r\n%s" % (incorrect_password, prompt)):
raise errors.AnsibleError('Incorrect su password')
if p.stdout in rfd:
dat = os.read(p.stdout.fileno(), 9000)