ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-06-29 03:30:22 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Verify that effective uid == remote_user when transport is local

Browse source 
Raise exception if effective uid of process is not the same as
remote_user.
This commit is contained in:
Stephen Fromm 2012-04-10 16:27:19 -07:00
parent 5d74fedeb9
commit b5061bb62e
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/ansible/runner.py
View file

@ -22,6 +22,7 @@ import fnmatch
import multiprocessing import multiprocessing
import signal import signal
import os import os
import pwd
import Queue import Queue
import random import random
import traceback import traceback
@ -115,6 +116,9 @@ class Runner(object):
self.basedir = basedir self.basedir = basedir
self.sudo = sudo self.sudo = sudo
euid = pwd.getpwuid(os.geteuid())[0]
if self.transport == 'local' and self.remote_user != euid:
raise Exception("User mismatch: expected %s, but is %s" % (self.remote_user, euid))
if type(self.module_args) != str: if type(self.module_args) != str:
raise Exception("module_args must be a string: %s" % self.module_args) raise Exception("module_args must be a string: %s" % self.module_args)