Initial commit

plugins/become/doas.py

@@ -0,0 +1,127 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2018, Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    become: doas
+    short_description: Do As user
+    description:
+        - This become plugins allows your remote/login user to execute commands as another user via the doas utility.
+    author: ansible (@core)
+    options:
+        become_user:
+            description: User you 'become' to execute the task
+            ini:
+              - section: privilege_escalation
+                key: become_user
+              - section: doas_become_plugin
+                key: user
+            vars:
+              - name: ansible_become_user
+              - name: ansible_doas_user
+            env:
+              - name: ANSIBLE_BECOME_USER
+              - name: ANSIBLE_DOAS_USER
+        become_exe:
+            description: Doas executable
+            default: doas
+            ini:
+              - section: privilege_escalation
+                key: become_exe
+              - section: doas_become_plugin
+                key: executable
+            vars:
+              - name: ansible_become_exe
+              - name: ansible_doas_exe
+            env:
+              - name: ANSIBLE_BECOME_EXE
+              - name: ANSIBLE_DOAS_EXE
+        become_flags:
+            description: Options to pass to doas
+            default:
+            ini:
+              - section: privilege_escalation
+                key: become_flags
+              - section: doas_become_plugin
+                key: flags
+            vars:
+              - name: ansible_become_flags
+              - name: ansible_doas_flags
+            env:
+              - name: ANSIBLE_BECOME_FLAGS
+              - name: ANSIBLE_DOAS_FLAGS
+        become_pass:
+            description: password for doas prompt
+            required: False
+            vars:
+              - name: ansible_become_password
+              - name: ansible_become_pass
+              - name: ansible_doas_pass
+            env:
+              - name: ANSIBLE_BECOME_PASS
+              - name: ANSIBLE_DOAS_PASS
+            ini:
+              - section: doas_become_plugin
+                key: password
+        prompt_l10n:
+            description:
+                - List of localized strings to match for prompt detection
+                - If empty we'll use the built in one
+            default: []
+            ini:
+              - section: doas_become_plugin
+                key: localized_prompts
+            vars:
+              - name: ansible_doas_prompt_l10n
+            env:
+              - name: ANSIBLE_DOAS_PROMPT_L10N
+'''
+
+import re
+
+from ansible.module_utils._text import to_bytes
+from ansible.plugins.become import BecomeBase
+
+
+class BecomeModule(BecomeBase):
+
+    name = 'community.general.doas'
+
+    # messages for detecting prompted password issues
+    fail = ('Permission denied',)
+    missing = ('Authorization required',)
+
+    def check_password_prompt(self, b_output):
+        ''' checks if the expected password prompt exists in b_output '''
+
+        # FIXME: more accurate would be: 'doas (%s@' % remote_user
+        # however become plugins don't have that information currently
+        b_prompts = [to_bytes(p) for p in self.get_option('prompt_l10n')] or [br'doas \(', br'Password:']
+        b_prompt = b"|".join(b_prompts)
+
+        return bool(re.match(b_prompt, b_output))
+
+    def build_become_command(self, cmd, shell):
+        super(BecomeModule, self).build_become_command(cmd, shell)
+
+        if not cmd:
+            return cmd
+
+        self.prompt = True
+
+        become_exe = self.get_option('become_exe') or self.name
+
+        flags = self.get_option('become_flags') or ''
+        if not self.get_option('become_pass') and '-n' not in flags:
+            flags += ' -n'
+
+        user = self.get_option('become_user') or ''
+        if user:
+            user = '-u %s' % (user)
+
+        success_cmd = self._build_success_command(cmd, shell, noexe=True)
+        executable = getattr(shell, 'executable', shell.SHELL_FAMILY)
+
+        return '%s %s %s %s -c %s' % (become_exe, flags, user, executable, success_cmd)

plugins/become/dzdo.py

@@ -0,0 +1,96 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2018, Ansible Project # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    become: dzdo
+    short_description: Centrify's Direct Authorize
+    description:
+        - This become plugins allows your remote/login user to execute commands as another user via the dzdo utility.
+    author: ansible (@core)
+    options:
+        become_user:
+            description: User you 'become' to execute the task
+            ini:
+              - section: privilege_escalation
+                key: become_user
+              - section: dzdo_become_plugin
+                key: user
+            vars:
+              - name: ansible_become_user
+              - name: ansible_dzdo_user
+            env:
+              - name: ANSIBLE_BECOME_USER
+              - name: ANSIBLE_DZDO_USER
+        become_exe:
+            description: Dzdo executable
+            default: dzdo
+            ini:
+              - section: privilege_escalation
+                key: become_exe
+              - section: dzdo_become_plugin
+                key: executable
+            vars:
+              - name: ansible_become_exe
+              - name: ansible_dzdo_exe
+            env:
+              - name: ANSIBLE_BECOME_EXE
+              - name: ANSIBLE_DZDO_EXE
+        become_flags:
+            description: Options to pass to dzdo
+            default: -H -S -n
+            ini:
+              - section: privilege_escalation
+                key: become_flags
+              - section: dzdo_become_plugin
+                key: flags
+            vars:
+              - name: ansible_become_flags
+              - name: ansible_dzdo_flags
+            env:
+              - name: ANSIBLE_BECOME_FLAGS
+              - name: ANSIBLE_DZDO_FLAGS
+        become_pass:
+            description: Options to pass to dzdo
+            required: False
+            vars:
+              - name: ansible_become_password
+              - name: ansible_become_pass
+              - name: ansible_dzdo_pass
+            env:
+              - name: ANSIBLE_BECOME_PASS
+              - name: ANSIBLE_DZDO_PASS
+            ini:
+              - section: dzdo_become_plugin
+                key: password
+'''
+
+from ansible.plugins.become import BecomeBase
+
+
+class BecomeModule(BecomeBase):
+
+    name = 'community.general.dzdo'
+
+    # messages for detecting prompted password issues
+    fail = ('Sorry, try again.',)
+
+    def build_become_command(self, cmd, shell):
+        super(BecomeModule, self).build_become_command(cmd, shell)
+
+        if not cmd:
+            return cmd
+
+        becomecmd = self.get_option('become_exe') or self.name
+
+        flags = self.get_option('become_flags') or ''
+        if self.get_option('become_pass'):
+            self.prompt = '[dzdo via ansible, key=%s] password:' % self._id
+            flags = '%s -p "%s"' % (flags.replace('-n', ''), self.prompt)
+
+        user = self.get_option('become_user') or ''
+        if user:
+            user = '-u %s' % (user)
+
+        return ' '.join([becomecmd, flags, user, self._build_success_command(cmd, shell)])

plugins/become/ksu.py

@@ -0,0 +1,119 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2018, Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    become: ksu
+    short_description: Kerberos substitute user
+    description:
+        - This become plugins allows your remote/login user to execute commands as another user via the ksu utility.
+    author: ansible (@core)
+    options:
+        become_user:
+            description: User you 'become' to execute the task
+            ini:
+              - section: privilege_escalation
+                key: become_user
+              - section: ksu_become_plugin
+                key: user
+            vars:
+              - name: ansible_become_user
+              - name: ansible_ksu_user
+            env:
+              - name: ANSIBLE_BECOME_USER
+              - name: ANSIBLE_KSU_USER
+            required: True
+        become_exe:
+            description: Su executable
+            default: ksu
+            ini:
+              - section: privilege_escalation
+                key: become_exe
+              - section: ksu_become_plugin
+                key: executable
+            vars:
+              - name: ansible_become_exe
+              - name: ansible_ksu_exe
+            env:
+              - name: ANSIBLE_BECOME_EXE
+              - name: ANSIBLE_KSU_EXE
+        become_flags:
+            description: Options to pass to ksu
+            default: ''
+            ini:
+              - section: privilege_escalation
+                key: become_flags
+              - section: ksu_become_plugin
+                key: flags
+            vars:
+              - name: ansible_become_flags
+              - name: ansible_ksu_flags
+            env:
+              - name: ANSIBLE_BECOME_FLAGS
+              - name: ANSIBLE_KSU_FLAGS
+        become_pass:
+            description: ksu password
+            required: False
+            vars:
+              - name: ansible_ksu_pass
+              - name: ansible_become_pass
+              - name: ansible_become_password
+            env:
+              - name: ANSIBLE_BECOME_PASS
+              - name: ANSIBLE_KSU_PASS
+            ini:
+              - section: ksu_become_plugin
+                key: password
+        prompt_l10n:
+            description:
+                - List of localized strings to match for prompt detection
+                - If empty we'll use the built in one
+            default: []
+            ini:
+              - section: ksu_become_plugin
+                key: localized_prompts
+            vars:
+              - name: ansible_ksu_prompt_l10n
+            env:
+              - name: ANSIBLE_KSU_PROMPT_L10N
+'''
+
+import re
+
+from ansible.module_utils._text import to_bytes
+from ansible.plugins.become import BecomeBase
+
+
+class BecomeModule(BecomeBase):
+
+    name = 'community.general.ksu'
+
+    # messages for detecting prompted password issues
+    fail = ('Password incorrect',)
+    missing = ('No password given',)
+
+    def check_password_prompt(self, b_output):
+        ''' checks if the expected password prompt exists in b_output '''
+
+        prompts = self.get_option('prompt_l10n') or ["Kerberos password for .*@.*:"]
+        b_prompt = b"|".join(to_bytes(p) for p in prompts)
+
+        return bool(re.match(b_prompt, b_output))
+
+    def build_become_command(self, cmd, shell):
+
+        super(BecomeModule, self).build_become_command(cmd, shell)
+
+        # Prompt handling for ``ksu`` is more complicated, this
+        # is used to satisfy the connection plugin
+        self.prompt = True
+
+        if not cmd:
+            return cmd
+
+        exe = self.get_option('become_exe') or self.name
+        flags = self.get_option('become_flags') or ''
+        user = self.get_option('become_user') or ''
+        return '%s %s %s -e %s ' % (exe, user, flags, self._build_success_command(cmd, shell))

plugins/become/machinectl.py

@@ -0,0 +1,86 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2018, Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    become: machinectl
+    short_description: Systemd's machinectl privilege escalation
+    description:
+        - This become plugins allows your remote/login user to execute commands as another user via the machinectl utility.
+    author: ansible (@core)
+    options:
+        become_user:
+            description: User you 'become' to execute the task
+            ini:
+              - section: privilege_escalation
+                key: become_user
+              - section: machinectl_become_plugin
+                key: user
+            vars:
+              - name: ansible_become_user
+              - name: ansible_machinectl_user
+            env:
+              - name: ANSIBLE_BECOME_USER
+              - name: ANSIBLE_MACHINECTL_USER
+        become_exe:
+            description: Machinectl executable
+            default: machinectl
+            ini:
+              - section: privilege_escalation
+                key: become_exe
+              - section: machinectl_become_plugin
+                key: executable
+            vars:
+              - name: ansible_become_exe
+              - name: ansible_machinectl_exe
+            env:
+              - name: ANSIBLE_BECOME_EXE
+              - name: ANSIBLE_MACHINECTL_EXE
+        become_flags:
+            description: Options to pass to machinectl
+            default: ''
+            ini:
+              - section: privilege_escalation
+                key: become_flags
+              - section: machinectl_become_plugin
+                key: flags
+            vars:
+              - name: ansible_become_flags
+              - name: ansible_machinectl_flags
+            env:
+              - name: ANSIBLE_BECOME_FLAGS
+              - name: ANSIBLE_MACHINECTL_FLAGS
+        become_pass:
+            description: Password for machinectl
+            required: False
+            vars:
+              - name: ansible_become_password
+              - name: ansible_become_pass
+              - name: ansible_machinectl_pass
+            env:
+              - name: ANSIBLE_BECOME_PASS
+              - name: ANSIBLE_MACHINECTL_PASS
+            ini:
+              - section: machinectl_become_plugin
+                key: password
+'''
+
+from ansible.plugins.become import BecomeBase
+
+
+class BecomeModule(BecomeBase):
+
+    name = 'community.general.machinectl'
+
+    def build_become_command(self, cmd, shell):
+        super(BecomeModule, self).build_become_command(cmd, shell)
+
+        if not cmd:
+            return cmd
+
+        become = self.get_option('become_exe') or self.name
+        flags = self.get_option('become_flags') or ''
+        user = self.get_option('become_user') or ''
+        return '%s -q shell %s %s@ %s' % (become, flags, user, cmd)

plugins/become/pbrun.py

@@ -0,0 +1,103 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2018, Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    become: pbrun
+    short_description: PowerBroker run
+    description:
+        - This become plugins allows your remote/login user to execute commands as another user via the pbrun utility.
+    author: ansible (@core)
+    options:
+        become_user:
+            description: User you 'become' to execute the task
+            default: ''
+            ini:
+              - section: privilege_escalation
+                key: become_user
+              - section: pbrun_become_plugin
+                key: user
+            vars:
+              - name: ansible_become_user
+              - name: ansible_pbrun_user
+            env:
+              - name: ANSIBLE_BECOME_USER
+              - name: ANSIBLE_PBRUN_USER
+        become_exe:
+            description: Sudo executable
+            default: pbrun
+            ini:
+              - section: privilege_escalation
+                key: become_exe
+              - section: pbrun_become_plugin
+                key: executable
+            vars:
+              - name: ansible_become_exe
+              - name: ansible_pbrun_exe
+            env:
+              - name: ANSIBLE_BECOME_EXE
+              - name: ANSIBLE_PBRUN_EXE
+        become_flags:
+            description: Options to pass to pbrun
+            ini:
+              - section: privilege_escalation
+                key: become_flags
+              - section: pbrun_become_plugin
+                key: flags
+            vars:
+              - name: ansible_become_flags
+              - name: ansible_pbrun_flags
+            env:
+              - name: ANSIBLE_BECOME_FLAGS
+              - name: ANSIBLE_PBRUN_FLAGS
+        become_pass:
+            description: Password for pbrun
+            required: False
+            vars:
+              - name: ansible_become_password
+              - name: ansible_become_pass
+              - name: ansible_pbrun_pass
+            env:
+              - name: ANSIBLE_BECOME_PASS
+              - name: ANSIBLE_PBRUN_PASS
+            ini:
+              - section: pbrun_become_plugin
+                key: password
+        wrap_exe:
+            description: Toggle to wrap the command pbrun calls in 'shell -c' or not
+            default: False
+            type: bool
+            ini:
+              - section: pbrun_become_plugin
+                key: wrap_execution
+            vars:
+              - name: ansible_pbrun_wrap_execution
+            env:
+              - name: ANSIBLE_PBRUN_WRAP_EXECUTION
+'''
+
+from ansible.plugins.become import BecomeBase
+
+
+class BecomeModule(BecomeBase):
+
+    name = 'community.general.pbrun'
+
+    prompt = 'Password:'
+
+    def build_become_command(self, cmd, shell):
+        super(BecomeModule, self).build_become_command(cmd, shell)
+
+        if not cmd:
+            return cmd
+
+        become_exe = self.get_option('become_exe') or self.name
+        flags = self.get_option('become_flags') or ''
+        user = self.get_option('become_user') or ''
+        if user:
+            user = '-u %s' % (user)
+        noexe = not self.get_option('wrap_exe')
+
+        return ' '.join([become_exe, flags, user, self._build_success_command(cmd, shell, noexe=noexe)])

plugins/become/pfexec.py

@@ -0,0 +1,103 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2018, Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    become: pfexec
+    short_description: profile based execution
+    description:
+        - This become plugins allows your remote/login user to execute commands as another user via the pfexec utility.
+    author: ansible (@core)
+    options:
+        become_user:
+            description:
+                - User you 'become' to execute the task
+                - This plugin ignores this setting as pfexec uses it's own ``exec_attr`` to figure this out,
+                  but it is supplied here for Ansible to make decisions needed for the task execution, like file permissions.
+            default: root
+            ini:
+              - section: privilege_escalation
+                key: become_user
+              - section: pfexec_become_plugin
+                key: user
+            vars:
+              - name: ansible_become_user
+              - name: ansible_pfexec_user
+            env:
+              - name: ANSIBLE_BECOME_USER
+              - name: ANSIBLE_PFEXEC_USER
+        become_exe:
+            description: Sudo executable
+            default: pfexec
+            ini:
+              - section: privilege_escalation
+                key: become_exe
+              - section: pfexec_become_plugin
+                key: executable
+            vars:
+              - name: ansible_become_exe
+              - name: ansible_pfexec_exe
+            env:
+              - name: ANSIBLE_BECOME_EXE
+              - name: ANSIBLE_PFEXEC_EXE
+        become_flags:
+            description: Options to pass to pfexec
+            default: -H -S -n
+            ini:
+              - section: privilege_escalation
+                key: become_flags
+              - section: pfexec_become_plugin
+                key: flags
+            vars:
+              - name: ansible_become_flags
+              - name: ansible_pfexec_flags
+            env:
+              - name: ANSIBLE_BECOME_FLAGS
+              - name: ANSIBLE_PFEXEC_FLAGS
+        become_pass:
+            description: pfexec password
+            required: False
+            vars:
+              - name: ansible_become_password
+              - name: ansible_become_pass
+              - name: ansible_pfexec_pass
+            env:
+              - name: ANSIBLE_BECOME_PASS
+              - name: ANSIBLE_PFEXEC_PASS
+            ini:
+              - section: pfexec_become_plugin
+                key: password
+        wrap_exe:
+            description: Toggle to wrap the command pfexec calls in 'shell -c' or not
+            default: False
+            type: bool
+            ini:
+              - section: pfexec_become_plugin
+                key: wrap_execution
+            vars:
+              - name: ansible_pfexec_wrap_execution
+            env:
+              - name: ANSIBLE_PFEXEC_WRAP_EXECUTION
+    note:
+      - This plugin ignores ``become_user`` as pfexec uses it's own ``exec_attr`` to figure this out.
+'''
+
+from ansible.plugins.become import BecomeBase
+
+
+class BecomeModule(BecomeBase):
+
+    name = 'community.general.pfexec'
+
+    def build_become_command(self, cmd, shell):
+        super(BecomeModule, self).build_become_command(cmd, shell)
+
+        if not cmd:
+            return cmd
+
+        exe = self.get_option('become_exe') or self.name
+        flags = self.get_option('become_flags')
+        noexe = not self.get_option('wrap_exe')
+        return '%s %s "%s"' % (exe, flags, self._build_success_command(cmd, shell, noexe=noexe))

plugins/become/pmrun.py

@@ -0,0 +1,75 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2018, Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    become: pmrun
+    short_description: Privilege Manager run
+    description:
+        - This become plugins allows your remote/login user to execute commands as another user via the pmrun utility.
+    author: ansible (@core)
+    options:
+        become_exe:
+            description: Sudo executable
+            default: pmrun
+            ini:
+              - section: privilege_escalation
+                key: become_exe
+              - section: pmrun_become_plugin
+                key: executable
+            vars:
+              - name: ansible_become_exe
+              - name: ansible_pmrun_exe
+            env:
+              - name: ANSIBLE_BECOME_EXE
+              - name: ANSIBLE_PMRUN_EXE
+        become_flags:
+            description: Options to pass to pmrun
+            ini:
+              - section: privilege_escalation
+                key: become_flags
+              - section: pmrun_become_plugin
+                key: flags
+            vars:
+              - name: ansible_become_flags
+              - name: ansible_pmrun_flags
+            env:
+              - name: ANSIBLE_BECOME_FLAGS
+              - name: ANSIBLE_PMRUN_FLAGS
+        become_pass:
+            description: pmrun password
+            required: False
+            vars:
+              - name: ansible_become_password
+              - name: ansible_become_pass
+              - name: ansible_pmrun_pass
+            env:
+              - name: ANSIBLE_BECOME_PASS
+              - name: ANSIBLE_PMRUN_PASS
+            ini:
+              - section: pmrun_become_plugin
+                key: password
+    notes:
+      - This plugin ignores the become_user supplied and uses pmrun's own configuration to select the user.
+'''
+
+from ansible.plugins.become import BecomeBase
+from ansible.module_utils.six.moves import shlex_quote
+
+
+class BecomeModule(BecomeBase):
+
+    name = 'community.general.pmrun'
+    prompt = 'Enter UPM user password:'
+
+    def build_become_command(self, cmd, shell):
+        super(BecomeModule, self).build_become_command(cmd, shell)
+
+        if not cmd:
+            return cmd
+
+        become = self.get_option('become_exe') or self.name
+        flags = self.get_option('become_flags') or ''
+        return '%s %s %s' % (become, flags, shlex_quote(self._build_success_command(cmd, shell)))

plugins/become/sesu.py

@@ -0,0 +1,89 @@
+# -*- coding: utf-8 -*-
+# Copyright: (c) 2018, Ansible Project
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = '''
+    become: sesu
+    short_description: CA Privileged Access Manager
+    description:
+        - This become plugins allows your remote/login user to execute commands as another user via the sesu utility.
+    author: ansible (@nekonyuu)
+    options:
+        become_user:
+            description: User you 'become' to execute the task
+            ini:
+              - section: privilege_escalation
+                key: become_user
+              - section: sesu_become_plugin
+                key: user
+            vars:
+              - name: ansible_become_user
+              - name: ansible_sesu_user
+            env:
+              - name: ANSIBLE_BECOME_USER
+              - name: ANSIBLE_SESU_USER
+        become_exe:
+            description: sesu executable
+            default: sesu
+            ini:
+              - section: privilege_escalation
+                key: become_exe
+              - section: sesu_become_plugin
+                key: executable
+            vars:
+              - name: ansible_become_exe
+              - name: ansible_sesu_exe
+            env:
+              - name: ANSIBLE_BECOME_EXE
+              - name: ANSIBLE_SESU_EXE
+        become_flags:
+            description: Options to pass to sesu
+            default: -H -S -n
+            ini:
+              - section: privilege_escalation
+                key: become_flags
+              - section: sesu_become_plugin
+                key: flags
+            vars:
+              - name: ansible_become_flags
+              - name: ansible_sesu_flags
+            env:
+              - name: ANSIBLE_BECOME_FLAGS
+              - name: ANSIBLE_SESU_FLAGS
+        become_pass:
+            description: Password to pass to sesu
+            required: False
+            vars:
+              - name: ansible_become_password
+              - name: ansible_become_pass
+              - name: ansible_sesu_pass
+            env:
+              - name: ANSIBLE_BECOME_PASS
+              - name: ANSIBLE_SESU_PASS
+            ini:
+              - section: sesu_become_plugin
+                key: password
+'''
+
+from ansible.plugins.become import BecomeBase
+
+
+class BecomeModule(BecomeBase):
+
+    name = 'community.general.sesu'
+
+    _prompt = 'Please enter your password:'
+    fail = missing = ('Sorry, try again with sesu.',)
+
+    def build_become_command(self, cmd, shell):
+        super(BecomeModule, self).build_become_command(cmd, shell)
+
+        if not cmd:
+            return cmd
+
+        become = self.get_option('become_exe') or self.name
+        flags = self.get_option('become_flags') or ''
+        user = self.get_option('become_user') or ''
+        return '%s %s %s -c %s' % (become, flags, user, self._build_success_command(cmd, shell))