mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-25 21:44:00 -07:00 
			
		
		
		
	Revert "Merge pull request #5325 from angstwad/add-su-support"
This reverts commit6f4bfa2cff, reversing changes made toc91ba3a7c7.
This commit is contained in:
		
					parent
					
						
							
								6f4bfa2cff
							
						
					
				
			
			
				commit
				
					
						c17d0e0357
					
				
			
		
					 17 changed files with 95 additions and 305 deletions
				
			
		
							
								
								
									
										41
									
								
								bin/ansible
									
										
									
									
									
								
							
							
						
						
									
										41
									
								
								bin/ansible
									
										
									
									
									
								
							|  | @ -67,14 +67,6 @@ class Cli(object): | ||||||
|         if len(args) == 0 or len(args) > 1: |         if len(args) == 0 or len(args) > 1: | ||||||
|             parser.print_help() |             parser.print_help() | ||||||
|             sys.exit(1) |             sys.exit(1) | ||||||
| 
 |  | ||||||
|         # su and sudo command line arguments need to be mutually exclusive |  | ||||||
|         if (options.su or options.su_user or options.ask_su_pass) and \ |  | ||||||
|                 (options.sudo or options.sudo_user or options.ask_sudo_pass): |  | ||||||
|             parser.error("Sudo arguments ('--sudo', '--sudo-user', and '--ask-sudo-pass') " |  | ||||||
|                          "and su arguments ('-su', '--su-user', and '--ask-su-pass') are " |  | ||||||
|                          "mutually exclusive") |  | ||||||
| 
 |  | ||||||
|         return (options, args) |         return (options, args) | ||||||
| 
 | 
 | ||||||
|     # ---------------------------------------------- |     # ---------------------------------------------- | ||||||
|  | @ -104,46 +96,31 @@ class Cli(object): | ||||||
| 
 | 
 | ||||||
|         sshpass = None |         sshpass = None | ||||||
|         sudopass = None |         sudopass = None | ||||||
|         su_pass = None |  | ||||||
|         options.ask_pass = options.ask_pass or C.DEFAULT_ASK_PASS |         options.ask_pass = options.ask_pass or C.DEFAULT_ASK_PASS | ||||||
|         # Never ask for an SSH password when we run with local connection |         # Never ask for an SSH password when we run with local connection | ||||||
|         if options.connection == "local": |         if options.connection == "local": | ||||||
|             options.ask_pass = False |             options.ask_pass = False | ||||||
|         options.ask_sudo_pass = options.ask_sudo_pass or C.DEFAULT_ASK_SUDO_PASS |         options.ask_sudo_pass = options.ask_sudo_pass or C.DEFAULT_ASK_SUDO_PASS | ||||||
|         options.ask_su_pass = options.ask_su_pass or C.DEFAULT_ASK_SU_PASS |         (sshpass, sudopass) = utils.ask_passwords(ask_pass=options.ask_pass, ask_sudo_pass=options.ask_sudo_pass) | ||||||
|         (sshpass, sudopass, su_pass) = utils.ask_passwords(ask_pass=options.ask_pass, ask_sudo_pass=options.ask_sudo_pass, ask_su_pass=options.ask_su_pass) |         if options.sudo_user or options.ask_sudo_pass: | ||||||
|         if options.su_user or options.ask_su_pass: |  | ||||||
|             options.su = True |  | ||||||
|         elif options.sudo_user or options.ask_sudo_pass: |  | ||||||
|             options.sudo = True |             options.sudo = True | ||||||
|         options.sudo_user = options.sudo_user or C.DEFAULT_SUDO_USER |         options.sudo_user = options.sudo_user or C.DEFAULT_SUDO_USER | ||||||
|         options.su_user = options.su_user or C.DEFAULT_SU_USER |  | ||||||
|         if options.tree: |         if options.tree: | ||||||
|             utils.prepare_writeable_dir(options.tree) |             utils.prepare_writeable_dir(options.tree) | ||||||
| 
 | 
 | ||||||
| 
 |  | ||||||
|         runner = Runner( |         runner = Runner( | ||||||
|             module_name=options.module_name, |             module_name=options.module_name, module_path=options.module_path, | ||||||
|             module_path=options.module_path, |  | ||||||
|             module_args=options.module_args, |             module_args=options.module_args, | ||||||
|             remote_user=options.remote_user, |             remote_user=options.remote_user, remote_pass=sshpass, | ||||||
|             remote_pass=sshpass, |             inventory=inventory_manager, timeout=options.timeout, | ||||||
|             inventory=inventory_manager, |  | ||||||
|             timeout=options.timeout, |  | ||||||
|             private_key_file=options.private_key_file, |             private_key_file=options.private_key_file, | ||||||
|             forks=options.forks, |             forks=options.forks, | ||||||
|             pattern=pattern, |             pattern=pattern, | ||||||
|             callbacks=self.callbacks, |             callbacks=self.callbacks, sudo=options.sudo, | ||||||
|             sudo=options.sudo, |             sudo_pass=sudopass,sudo_user=options.sudo_user, | ||||||
|             sudo_pass=sudopass, |             transport=options.connection, subset=options.subset, | ||||||
|             sudo_user=options.sudo_user, |  | ||||||
|             transport=options.connection, |  | ||||||
|             subset=options.subset, |  | ||||||
|             check=options.check, |             check=options.check, | ||||||
|             diff=options.check, |             diff=options.check | ||||||
|             su=options.su, |  | ||||||
|             su_pass=su_pass, |  | ||||||
|             su_user=options.su_user |  | ||||||
|         ) |         ) | ||||||
| 
 | 
 | ||||||
|         if options.seconds: |         if options.seconds: | ||||||
|  |  | ||||||
|  | @ -83,13 +83,6 @@ def main(args): | ||||||
|         parser.print_help(file=sys.stderr) |         parser.print_help(file=sys.stderr) | ||||||
|         return 1 |         return 1 | ||||||
| 
 | 
 | ||||||
|     # su and sudo command line arguments need to be mutually exclusive |  | ||||||
|     if (options.su or options.su_user or options.ask_su_pass) and \ |  | ||||||
|                 (options.sudo or options.sudo_user or options.ask_sudo_pass): |  | ||||||
|             parser.error("Sudo arguments ('--sudo', '--sudo-user', and '--ask-sudo-pass') " |  | ||||||
|                          "and su arguments ('-su', '--su-user', and '--ask-su-pass') are " |  | ||||||
|                          "mutually exclusive") |  | ||||||
| 
 |  | ||||||
|     inventory = ansible.inventory.Inventory(options.inventory) |     inventory = ansible.inventory.Inventory(options.inventory) | ||||||
|     inventory.subset(options.subset) |     inventory.subset(options.subset) | ||||||
|     if len(inventory.list_hosts()) == 0: |     if len(inventory.list_hosts()) == 0: | ||||||
|  | @ -97,18 +90,14 @@ def main(args): | ||||||
| 
 | 
 | ||||||
|     sshpass = None |     sshpass = None | ||||||
|     sudopass = None |     sudopass = None | ||||||
|     su_pass = None |  | ||||||
|     if not options.listhosts and not options.syntax and not options.listtasks: |     if not options.listhosts and not options.syntax and not options.listtasks: | ||||||
|         options.ask_pass = options.ask_pass or C.DEFAULT_ASK_PASS |         options.ask_pass = options.ask_pass or C.DEFAULT_ASK_PASS | ||||||
|         # Never ask for an SSH password when we run with local connection |         # Never ask for an SSH password when we run with local connection | ||||||
|         if options.connection == "local": |         if options.connection == "local": | ||||||
|             options.ask_pass = False |             options.ask_pass = False | ||||||
|         options.ask_sudo_pass = options.ask_sudo_pass or C.DEFAULT_ASK_SUDO_PASS |         options.ask_sudo_pass = options.ask_sudo_pass or C.DEFAULT_ASK_SUDO_PASS | ||||||
|         options.ask_su_pass = options.ask_su_pass or C.DEFAULT_ASK_SU_PASS |         (sshpass, sudopass) = utils.ask_passwords(ask_pass=options.ask_pass, ask_sudo_pass=options.ask_sudo_pass) | ||||||
|         (sshpass, sudopass, su_pass) = utils.ask_passwords(ask_pass=options.ask_pass, ask_sudo_pass=options.ask_sudo_pass, ask_su_pass=options.ask_su_pass) |  | ||||||
|         options.sudo_user = options.sudo_user or C.DEFAULT_SUDO_USER |         options.sudo_user = options.sudo_user or C.DEFAULT_SUDO_USER | ||||||
|         options.su_user = options.su_user or C.DEFAULT_SU_USER |  | ||||||
| 
 |  | ||||||
| 
 | 
 | ||||||
|     extra_vars = {} |     extra_vars = {} | ||||||
|     for extra_vars_opt in options.extra_vars: |     for extra_vars_opt in options.extra_vars: | ||||||
|  | @ -167,10 +156,7 @@ def main(args): | ||||||
|             only_tags=only_tags, |             only_tags=only_tags, | ||||||
|             skip_tags=skip_tags, |             skip_tags=skip_tags, | ||||||
|             check=options.check, |             check=options.check, | ||||||
|             diff=options.diff, |             diff=options.diff | ||||||
|             su=options.su, |  | ||||||
|             su_pass=su_pass, |  | ||||||
|             su_user=options.su_user |  | ||||||
|         ) |         ) | ||||||
| 
 | 
 | ||||||
|         if options.listhosts or options.listtasks or options.syntax: |         if options.listhosts or options.listtasks or options.syntax: | ||||||
|  |  | ||||||
|  | @ -127,11 +127,6 @@ DEFAULT_HASH_BEHAVIOUR    = get_config(p, DEFAULTS, 'hash_behaviour', 'ANSIBLE_H | ||||||
| DEFAULT_LEGACY_PLAYBOOK_VARIABLES = get_config(p, DEFAULTS, 'legacy_playbook_variables', 'ANSIBLE_LEGACY_PLAYBOOK_VARIABLES', True, boolean=True) | DEFAULT_LEGACY_PLAYBOOK_VARIABLES = get_config(p, DEFAULTS, 'legacy_playbook_variables', 'ANSIBLE_LEGACY_PLAYBOOK_VARIABLES', True, boolean=True) | ||||||
| DEFAULT_JINJA2_EXTENSIONS = get_config(p, DEFAULTS, 'jinja2_extensions', 'ANSIBLE_JINJA2_EXTENSIONS', None) | DEFAULT_JINJA2_EXTENSIONS = get_config(p, DEFAULTS, 'jinja2_extensions', 'ANSIBLE_JINJA2_EXTENSIONS', None) | ||||||
| DEFAULT_EXECUTABLE        = get_config(p, DEFAULTS, 'executable', 'ANSIBLE_EXECUTABLE', '/bin/sh') | DEFAULT_EXECUTABLE        = get_config(p, DEFAULTS, 'executable', 'ANSIBLE_EXECUTABLE', '/bin/sh') | ||||||
| DEFAULT_SU_EXE = get_config(p, DEFAULTS, 'su_exe', 'ANSIBLE_SU_EXE', 'su') |  | ||||||
| DEFAULT_SU = get_config(p, DEFAULTS, 'su', 'ANSIBLE_SU', False, boolean=True) |  | ||||||
| DEFAULT_SU_FLAGS = get_config(p, DEFAULTS, 'su_flags', 'ANSIBLE_SU_FLAGS', '') |  | ||||||
| DEFAULT_SU_USER = get_config(p, DEFAULTS, 'su_user', 'ANSIBLE_SU_USER', 'root') |  | ||||||
| DEFAULT_ASK_SU_PASS = get_config(p, DEFAULTS, 'ask_su_pass', 'ANSIBLE_ASK_SU_PASS', False, boolean=True) |  | ||||||
| 
 | 
 | ||||||
| DEFAULT_ACTION_PLUGIN_PATH     = get_config(p, DEFAULTS, 'action_plugins',     'ANSIBLE_ACTION_PLUGINS', '/usr/share/ansible_plugins/action_plugins') | DEFAULT_ACTION_PLUGIN_PATH     = get_config(p, DEFAULTS, 'action_plugins',     'ANSIBLE_ACTION_PLUGINS', '/usr/share/ansible_plugins/action_plugins') | ||||||
| DEFAULT_CALLBACK_PLUGIN_PATH   = get_config(p, DEFAULTS, 'callback_plugins',   'ANSIBLE_CALLBACK_PLUGINS', '/usr/share/ansible_plugins/callback_plugins') | DEFAULT_CALLBACK_PLUGIN_PATH   = get_config(p, DEFAULTS, 'callback_plugins',   'ANSIBLE_CALLBACK_PLUGINS', '/usr/share/ansible_plugins/callback_plugins') | ||||||
|  | @ -166,5 +161,4 @@ DEFAULT_PASSWORD_CHARS = ascii_letters + digits + ".,:-_" | ||||||
| DEFAULT_SUDO_PASS         = None | DEFAULT_SUDO_PASS         = None | ||||||
| DEFAULT_REMOTE_PASS       = None | DEFAULT_REMOTE_PASS       = None | ||||||
| DEFAULT_SUBSET            = None | DEFAULT_SUBSET            = None | ||||||
| DEFAULT_SU_PASS           = None |  | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -68,11 +68,7 @@ class PlayBook(object): | ||||||
|         inventory        = None, |         inventory        = None, | ||||||
|         check            = False, |         check            = False, | ||||||
|         diff             = False, |         diff             = False, | ||||||
|         any_errors_fatal = False, |         any_errors_fatal = False): | ||||||
|         su               = False, |  | ||||||
|         su_user          = False, |  | ||||||
|         su_pass          = False, |  | ||||||
|     ): |  | ||||||
| 
 | 
 | ||||||
|         """ |         """ | ||||||
|         playbook:         path to a playbook file |         playbook:         path to a playbook file | ||||||
|  | @ -126,9 +122,6 @@ class PlayBook(object): | ||||||
|         self.only_tags        = only_tags |         self.only_tags        = only_tags | ||||||
|         self.skip_tags        = skip_tags |         self.skip_tags        = skip_tags | ||||||
|         self.any_errors_fatal = any_errors_fatal |         self.any_errors_fatal = any_errors_fatal | ||||||
|         self.su               = su |  | ||||||
|         self.su_user          = su_user |  | ||||||
|         self.su_pass          = su_pass |  | ||||||
| 
 | 
 | ||||||
|         self.callbacks.playbook = self |         self.callbacks.playbook = self | ||||||
|         self.runner_callbacks.playbook = self |         self.runner_callbacks.playbook = self | ||||||
|  | @ -310,39 +303,20 @@ class PlayBook(object): | ||||||
|         self.inventory.restrict_to(hosts) |         self.inventory.restrict_to(hosts) | ||||||
| 
 | 
 | ||||||
|         runner = ansible.runner.Runner( |         runner = ansible.runner.Runner( | ||||||
|             pattern=task.play.hosts, |             pattern=task.play.hosts, inventory=self.inventory, module_name=task.module_name, | ||||||
|             inventory=self.inventory, |             module_args=task.module_args, forks=self.forks, | ||||||
|             module_name=task.module_name, |             remote_pass=self.remote_pass, module_path=self.module_path, | ||||||
|             module_args=task.module_args, |             timeout=self.timeout, remote_user=task.remote_user, | ||||||
|             forks=self.forks, |             remote_port=task.play.remote_port, module_vars=task.module_vars, | ||||||
|             remote_pass=self.remote_pass, |             default_vars=task.default_vars, private_key_file=self.private_key_file, | ||||||
|             module_path=self.module_path, |             setup_cache=self.SETUP_CACHE, basedir=task.play.basedir, | ||||||
|             timeout=self.timeout, |             conditional=task.when, callbacks=self.runner_callbacks, | ||||||
|             remote_user=task.remote_user, |             sudo=task.sudo, sudo_user=task.sudo_user, | ||||||
|             remote_port=task.play.remote_port, |             transport=task.transport, sudo_pass=task.sudo_pass, is_playbook=True, | ||||||
|             module_vars=task.module_vars, |             check=self.check, diff=self.diff, environment=task.environment, complex_args=task.args, | ||||||
|             default_vars=task.default_vars, |             accelerate=task.play.accelerate, accelerate_port=task.play.accelerate_port, | ||||||
|             private_key_file=self.private_key_file, |  | ||||||
|             setup_cache=self.SETUP_CACHE, |  | ||||||
|             basedir=task.play.basedir, |  | ||||||
|             conditional=task.when, |  | ||||||
|             callbacks=self.runner_callbacks, |  | ||||||
|             sudo=task.sudo, |  | ||||||
|             sudo_user=task.sudo_user, |  | ||||||
|             transport=task.transport, |  | ||||||
|             sudo_pass=task.sudo_pass, |  | ||||||
|             is_playbook=True, |  | ||||||
|             check=self.check, |  | ||||||
|             diff=self.diff, |  | ||||||
|             environment=task.environment, |  | ||||||
|             complex_args=task.args, |  | ||||||
|             accelerate=task.play.accelerate, |  | ||||||
|             accelerate_port=task.play.accelerate_port, |  | ||||||
|             accelerate_ipv6=task.play.accelerate_ipv6, |             accelerate_ipv6=task.play.accelerate_ipv6, | ||||||
|             error_on_undefined_vars=C.DEFAULT_UNDEFINED_VAR_BEHAVIOR, |             error_on_undefined_vars=C.DEFAULT_UNDEFINED_VAR_BEHAVIOR | ||||||
|             su=task.su, |  | ||||||
|             su_user=task.su_user, |  | ||||||
|             su_pass=task.su_pass |  | ||||||
|         ) |         ) | ||||||
| 
 | 
 | ||||||
|         if task.async_seconds == 0: |         if task.async_seconds == 0: | ||||||
|  | @ -472,30 +446,13 @@ class PlayBook(object): | ||||||
| 
 | 
 | ||||||
|         # push any variables down to the system |         # push any variables down to the system | ||||||
|         setup_results = ansible.runner.Runner( |         setup_results = ansible.runner.Runner( | ||||||
|             pattern=play.hosts, |             pattern=play.hosts, module_name='setup', module_args={}, inventory=self.inventory, | ||||||
|             module_name='setup', |             forks=self.forks, module_path=self.module_path, timeout=self.timeout, remote_user=play.remote_user, | ||||||
|             module_args={}, |             remote_pass=self.remote_pass, remote_port=play.remote_port, private_key_file=self.private_key_file, | ||||||
|             inventory=self.inventory, |             setup_cache=self.SETUP_CACHE, callbacks=self.runner_callbacks, sudo=play.sudo, sudo_user=play.sudo_user, | ||||||
|             forks=self.forks, |             transport=play.transport, sudo_pass=self.sudo_pass, is_playbook=True, module_vars=play.vars, | ||||||
|             module_path=self.module_path, |             default_vars=play.default_vars, check=self.check, diff=self.diff, | ||||||
|             timeout=self.timeout, |             accelerate=play.accelerate, accelerate_port=play.accelerate_port, | ||||||
|             remote_user=play.remote_user, |  | ||||||
|             remote_pass=self.remote_pass, |  | ||||||
|             remote_port=play.remote_port, |  | ||||||
|             private_key_file=self.private_key_file, |  | ||||||
|             setup_cache=self.SETUP_CACHE, |  | ||||||
|             callbacks=self.runner_callbacks, |  | ||||||
|             sudo=play.sudo, |  | ||||||
|             sudo_user=play.sudo_user, |  | ||||||
|             transport=play.transport, |  | ||||||
|             sudo_pass=self.sudo_pass, |  | ||||||
|             is_playbook=True, |  | ||||||
|             module_vars=play.vars, |  | ||||||
|             default_vars=play.default_vars, |  | ||||||
|             check=self.check, |  | ||||||
|             diff=self.diff, |  | ||||||
|             accelerate=play.accelerate, |  | ||||||
|             accelerate_port=play.accelerate_port, |  | ||||||
|         ).run() |         ).run() | ||||||
|         self.stats.compute(setup_results, setup=True) |         self.stats.compute(setup_results, setup=True) | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -34,7 +34,7 @@ class Play(object): | ||||||
|        'handlers', 'remote_user', 'remote_port', 'included_roles', 'accelerate', |        'handlers', 'remote_user', 'remote_port', 'included_roles', 'accelerate', | ||||||
|        'accelerate_port', 'accelerate_ipv6', 'sudo', 'sudo_user', 'transport', 'playbook', |        'accelerate_port', 'accelerate_ipv6', 'sudo', 'sudo_user', 'transport', 'playbook', | ||||||
|        'tags', 'gather_facts', 'serial', '_ds', '_handlers', '_tasks', |        'tags', 'gather_facts', 'serial', '_ds', '_handlers', '_tasks', | ||||||
|        'basedir', 'any_errors_fatal', 'roles', 'max_fail_pct', 'su', 'su_user' |        'basedir', 'any_errors_fatal', 'roles', 'max_fail_pct' | ||||||
|     ] |     ] | ||||||
| 
 | 
 | ||||||
|     # to catch typos and so forth -- these are userland names |     # to catch typos and so forth -- these are userland names | ||||||
|  | @ -43,8 +43,7 @@ class Play(object): | ||||||
|        'hosts', 'name', 'vars', 'vars_prompt', 'vars_files', |        'hosts', 'name', 'vars', 'vars_prompt', 'vars_files', | ||||||
|        'tasks', 'handlers', 'remote_user', 'user', 'port', 'include', 'accelerate', 'accelerate_port', 'accelerate_ipv6', |        'tasks', 'handlers', 'remote_user', 'user', 'port', 'include', 'accelerate', 'accelerate_port', 'accelerate_ipv6', | ||||||
|        'sudo', 'sudo_user', 'connection', 'tags', 'gather_facts', 'serial', |        'sudo', 'sudo_user', 'connection', 'tags', 'gather_facts', 'serial', | ||||||
|        'any_errors_fatal', 'roles', 'pre_tasks', 'post_tasks', 'max_fail_percentage', |        'any_errors_fatal', 'roles', 'pre_tasks', 'post_tasks', 'max_fail_percentage'  | ||||||
|        'su', 'su_user' |  | ||||||
|     ] |     ] | ||||||
| 
 | 
 | ||||||
|     # ************************************************* |     # ************************************************* | ||||||
|  | @ -122,8 +121,6 @@ class Play(object): | ||||||
|         self.accelerate_port  = ds.get('accelerate_port', None) |         self.accelerate_port  = ds.get('accelerate_port', None) | ||||||
|         self.accelerate_ipv6  = ds.get('accelerate_ipv6', False) |         self.accelerate_ipv6  = ds.get('accelerate_ipv6', False) | ||||||
|         self.max_fail_pct     = int(ds.get('max_fail_percentage', 100)) |         self.max_fail_pct     = int(ds.get('max_fail_percentage', 100)) | ||||||
|         self.su               = ds.get('su', self.playbook.su) |  | ||||||
|         self.su_user          = ds.get('su_user', self.playbook.su_user) |  | ||||||
| 
 | 
 | ||||||
|         load_vars = {} |         load_vars = {} | ||||||
|         load_vars['playbook_dir'] = self.basedir |         load_vars['playbook_dir'] = self.basedir | ||||||
|  | @ -435,8 +432,7 @@ class Play(object): | ||||||
| 
 | 
 | ||||||
|     # ************************************************* |     # ************************************************* | ||||||
| 
 | 
 | ||||||
|     def _load_tasks(self, tasks, vars=None, default_vars=None, sudo_vars=None, |     def _load_tasks(self, tasks, vars=None, default_vars=None, sudo_vars=None, additional_conditions=None, original_file=None, role_name=None): | ||||||
|                     additional_conditions=None, original_file=None, role_name=None): |  | ||||||
|         ''' handle task and handler include statements ''' |         ''' handle task and handler include statements ''' | ||||||
| 
 | 
 | ||||||
|         results = [] |         results = [] | ||||||
|  | @ -473,7 +469,7 @@ class Play(object): | ||||||
| 
 | 
 | ||||||
|             if 'meta' in x: |             if 'meta' in x: | ||||||
|                 if x['meta'] == 'flush_handlers': |                 if x['meta'] == 'flush_handlers': | ||||||
|                     results.append(Task(self, x)) |                     results.append(Task(self,x)) | ||||||
|                     continue |                     continue | ||||||
| 
 | 
 | ||||||
|             task_vars = self.vars.copy() |             task_vars = self.vars.copy() | ||||||
|  | @ -541,13 +537,7 @@ class Play(object): | ||||||
|                     loaded = self._load_tasks(data, mv, default_vars, included_sudo_vars, list(included_additional_conditions), original_file=include_filename, role_name=new_role) |                     loaded = self._load_tasks(data, mv, default_vars, included_sudo_vars, list(included_additional_conditions), original_file=include_filename, role_name=new_role) | ||||||
|                     results += loaded |                     results += loaded | ||||||
|             elif type(x) == dict: |             elif type(x) == dict: | ||||||
|                 task = Task( |                 task = Task(self,x,module_vars=task_vars,default_vars=default_vars,additional_conditions=list(additional_conditions),role_name=role_name) | ||||||
|                     self, x, |  | ||||||
|                     module_vars=task_vars, |  | ||||||
|                     default_vars=default_vars, |  | ||||||
|                     additional_conditions=list(additional_conditions), |  | ||||||
|                     role_name=role_name |  | ||||||
|                 ) |  | ||||||
|                 results.append(task) |                 results.append(task) | ||||||
|             else: |             else: | ||||||
|                 raise Exception("unexpected task type") |                 raise Exception("unexpected task type") | ||||||
|  |  | ||||||
|  | @ -30,8 +30,7 @@ class Task(object): | ||||||
|         'delegate_to', 'first_available_file', 'ignore_errors', |         'delegate_to', 'first_available_file', 'ignore_errors', | ||||||
|         'local_action', 'transport', 'sudo', 'remote_user', 'sudo_user', 'sudo_pass', |         'local_action', 'transport', 'sudo', 'remote_user', 'sudo_user', 'sudo_pass', | ||||||
|         'items_lookup_plugin', 'items_lookup_terms', 'environment', 'args', |         'items_lookup_plugin', 'items_lookup_terms', 'environment', 'args', | ||||||
|         'any_errors_fatal', 'changed_when', 'failed_when', 'always_run', 'delay', 'retries', 'until', |         'any_errors_fatal', 'changed_when', 'failed_when', 'always_run', 'delay', 'retries', 'until' | ||||||
|         'su', 'su_user', 'su_pass' |  | ||||||
|     ] |     ] | ||||||
| 
 | 
 | ||||||
|     # to prevent typos and such |     # to prevent typos and such | ||||||
|  | @ -40,8 +39,7 @@ class Task(object): | ||||||
|          'first_available_file', 'include', 'tags', 'register', 'ignore_errors', |          'first_available_file', 'include', 'tags', 'register', 'ignore_errors', | ||||||
|          'delegate_to', 'local_action', 'transport', 'remote_user', 'sudo', 'sudo_user', |          'delegate_to', 'local_action', 'transport', 'remote_user', 'sudo', 'sudo_user', | ||||||
|          'sudo_pass', 'when', 'connection', 'environment', 'args', |          'sudo_pass', 'when', 'connection', 'environment', 'args', | ||||||
|          'any_errors_fatal', 'changed_when', 'failed_when', 'always_run', 'delay', 'retries', 'until', |          'any_errors_fatal', 'changed_when', 'failed_when', 'always_run', 'delay', 'retries', 'until' | ||||||
|          'su', 'su_user', 'su_pass' |  | ||||||
|     ] |     ] | ||||||
| 
 | 
 | ||||||
|     def __init__(self, play, ds, module_vars=None, default_vars=None, additional_conditions=None, role_name=None): |     def __init__(self, play, ds, module_vars=None, default_vars=None, additional_conditions=None, role_name=None): | ||||||
|  | @ -119,7 +117,6 @@ class Task(object): | ||||||
|         self.tags         = [ 'all' ] |         self.tags         = [ 'all' ] | ||||||
|         self.register     = ds.get('register', None) |         self.register     = ds.get('register', None) | ||||||
|         self.sudo         = utils.boolean(ds.get('sudo', play.sudo)) |         self.sudo         = utils.boolean(ds.get('sudo', play.sudo)) | ||||||
|         self.su           = utils.boolean(ds.get('sudo', play.su)) |  | ||||||
|         self.environment  = ds.get('environment', {}) |         self.environment  = ds.get('environment', {}) | ||||||
|         self.role_name    = role_name |         self.role_name    = role_name | ||||||
|          |          | ||||||
|  | @ -145,17 +142,12 @@ class Task(object): | ||||||
|         else: |         else: | ||||||
|             self.remote_user      = ds.get('remote_user', play.playbook.remote_user) |             self.remote_user      = ds.get('remote_user', play.playbook.remote_user) | ||||||
| 
 | 
 | ||||||
|         self.sudo_user    = None |  | ||||||
|         self.sudo_pass    = None |  | ||||||
|         self.su_user      = None |  | ||||||
|         self.su_pass      = None |  | ||||||
| 
 |  | ||||||
|         if self.sudo: |         if self.sudo: | ||||||
|             self.sudo_user    = ds.get('sudo_user', play.sudo_user) |             self.sudo_user    = ds.get('sudo_user', play.sudo_user) | ||||||
|             self.sudo_pass    = ds.get('sudo_pass', play.playbook.sudo_pass) |             self.sudo_pass    = ds.get('sudo_pass', play.playbook.sudo_pass) | ||||||
|         elif self.su: |         else: | ||||||
|             self.su_user      = ds.get('su_user', play.su_user) |             self.sudo_user    = None | ||||||
|             self.su_pass      = ds.get('su_pass', play.playbook.su_pass) |             self.sudo_pass    = None | ||||||
|          |          | ||||||
|         # Both are defined |         # Both are defined | ||||||
|         if ('action' in ds) and ('local_action' in ds): |         if ('action' in ds) and ('local_action' in ds): | ||||||
|  |  | ||||||
|  | @ -141,9 +141,6 @@ class Runner(object): | ||||||
|         accelerate=False,                   # use accelerated connection |         accelerate=False,                   # use accelerated connection | ||||||
|         accelerate_ipv6=False,              # accelerated connection w/ IPv6 |         accelerate_ipv6=False,              # accelerated connection w/ IPv6 | ||||||
|         accelerate_port=None,               # port to use with accelerated connection |         accelerate_port=None,               # port to use with accelerated connection | ||||||
|         su=False,                           # Are we running our command via su? |  | ||||||
|         su_user=None,                       # User to su to when running command, ex: 'root' |  | ||||||
|         su_pass=C.DEFAULT_SU_PASS |  | ||||||
|         ): |         ): | ||||||
| 
 | 
 | ||||||
|         # used to lock multiprocess inputs and outputs at various levels |         # used to lock multiprocess inputs and outputs at various levels | ||||||
|  | @ -191,9 +188,6 @@ class Runner(object): | ||||||
|         self.accelerate_ipv6  = accelerate_ipv6 |         self.accelerate_ipv6  = accelerate_ipv6 | ||||||
|         self.callbacks.runner = self |         self.callbacks.runner = self | ||||||
|         self.original_transport = self.transport |         self.original_transport = self.transport | ||||||
|         self.su               = su |  | ||||||
|         self.su_user          = su_user |  | ||||||
|         self.su_pass          = su_pass |  | ||||||
| 
 | 
 | ||||||
|         if self.transport == 'smart': |         if self.transport == 'smart': | ||||||
|             # if the transport is 'smart' see if SSH can support ControlPersist if not use paramiko |             # if the transport is 'smart' see if SSH can support ControlPersist if not use paramiko | ||||||
|  | @ -317,13 +311,12 @@ class Runner(object): | ||||||
|            or async_jid is not None |            or async_jid is not None | ||||||
|            or not conn.has_pipelining |            or not conn.has_pipelining | ||||||
|            or not C.ANSIBLE_SSH_PIPELINING |            or not C.ANSIBLE_SSH_PIPELINING | ||||||
|            or C.DEFAULT_KEEP_REMOTE_FILES |            or C.DEFAULT_KEEP_REMOTE_FILES): | ||||||
|            or self.su): |  | ||||||
|             self._transfer_str(conn, tmp, module_name, module_data) |             self._transfer_str(conn, tmp, module_name, module_data) | ||||||
| 
 | 
 | ||||||
|         environment_string = self._compute_environment_string(inject) |         environment_string = self._compute_environment_string(inject) | ||||||
| 
 | 
 | ||||||
|         if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root'): |         if tmp.find("tmp") != -1 and self.sudo and self.sudo_user != 'root': | ||||||
|             # deal with possible umask issues once sudo'ed to other user |             # deal with possible umask issues once sudo'ed to other user | ||||||
|             cmd_chmod = "chmod a+r %s" % remote_module_path |             cmd_chmod = "chmod a+r %s" % remote_module_path | ||||||
|             self._low_level_exec_command(conn, cmd_chmod, tmp, sudoable=False) |             self._low_level_exec_command(conn, cmd_chmod, tmp, sudoable=False) | ||||||
|  | @ -350,7 +343,7 @@ class Runner(object): | ||||||
|             else: |             else: | ||||||
|                 argsfile = self._transfer_str(conn, tmp, 'arguments', args) |                 argsfile = self._transfer_str(conn, tmp, 'arguments', args) | ||||||
| 
 | 
 | ||||||
|             if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root'): |             if self.sudo and self.sudo_user != 'root': | ||||||
|                 # deal with possible umask issues once sudo'ed to other user |                 # deal with possible umask issues once sudo'ed to other user | ||||||
|                 cmd_args_chmod = "chmod a+r %s" % argsfile |                 cmd_args_chmod = "chmod a+r %s" % argsfile | ||||||
|                 self._low_level_exec_command(conn, cmd_args_chmod, tmp, sudoable=False) |                 self._low_level_exec_command(conn, cmd_args_chmod, tmp, sudoable=False) | ||||||
|  | @ -361,7 +354,7 @@ class Runner(object): | ||||||
|                 cmd = " ".join([str(x) for x in [remote_module_path, async_jid, async_limit, async_module, argsfile]]) |                 cmd = " ".join([str(x) for x in [remote_module_path, async_jid, async_limit, async_module, argsfile]]) | ||||||
|         else: |         else: | ||||||
|             if async_jid is None: |             if async_jid is None: | ||||||
|                 if conn.has_pipelining and C.ANSIBLE_SSH_PIPELINING and not C.DEFAULT_KEEP_REMOTE_FILES and not self.su: |                 if conn.has_pipelining and C.ANSIBLE_SSH_PIPELINING and not C.DEFAULT_KEEP_REMOTE_FILES: | ||||||
|                     in_data = module_data |                     in_data = module_data | ||||||
|                 else: |                 else: | ||||||
|                     cmd = "%s" % (remote_module_path) |                     cmd = "%s" % (remote_module_path) | ||||||
|  | @ -376,7 +369,7 @@ class Runner(object): | ||||||
|         cmd = cmd.strip() |         cmd = cmd.strip() | ||||||
| 
 | 
 | ||||||
|         if tmp.find("tmp") != -1 and not C.DEFAULT_KEEP_REMOTE_FILES and not persist_files: |         if tmp.find("tmp") != -1 and not C.DEFAULT_KEEP_REMOTE_FILES and not persist_files: | ||||||
|             if not self.sudo or self.su or self.sudo_user == 'root' or self.su_user == 'root': |             if not self.sudo or self.sudo_user == 'root': | ||||||
|                 # not sudoing or sudoing to root, so can cleanup files in the same step |                 # not sudoing or sudoing to root, so can cleanup files in the same step | ||||||
|                 cmd = cmd + "; rm -rf %s >/dev/null 2>&1" % tmp |                 cmd = cmd + "; rm -rf %s >/dev/null 2>&1" % tmp | ||||||
| 
 | 
 | ||||||
|  | @ -386,13 +379,10 @@ class Runner(object): | ||||||
|             # specified in the play, not the sudo_user |             # specified in the play, not the sudo_user | ||||||
|             sudoable = False |             sudoable = False | ||||||
| 
 | 
 | ||||||
|         if self.su: |  | ||||||
|             res = self._low_level_exec_command(conn, cmd, tmp, su=sudoable, in_data=in_data) |  | ||||||
|         else: |  | ||||||
|         res = self._low_level_exec_command(conn, cmd, tmp, sudoable=sudoable, in_data=in_data) |         res = self._low_level_exec_command(conn, cmd, tmp, sudoable=sudoable, in_data=in_data) | ||||||
| 
 | 
 | ||||||
|         if tmp.find("tmp") != -1 and not C.DEFAULT_KEEP_REMOTE_FILES and not persist_files: |         if tmp.find("tmp") != -1 and not C.DEFAULT_KEEP_REMOTE_FILES and not persist_files: | ||||||
|             if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root'): |             if self.sudo and self.sudo_user != 'root': | ||||||
|             # not sudoing to root, so maybe can't delete files as that other user |             # not sudoing to root, so maybe can't delete files as that other user | ||||||
|             # have to clean up temp files as original user in a second step |             # have to clean up temp files as original user in a second step | ||||||
|                 cmd2 = "rm -rf %s >/dev/null 2>&1" % tmp |                 cmd2 = "rm -rf %s >/dev/null 2>&1" % tmp | ||||||
|  | @ -623,9 +613,6 @@ class Runner(object): | ||||||
|         actual_transport = inject.get('ansible_connection', self.transport) |         actual_transport = inject.get('ansible_connection', self.transport) | ||||||
|         actual_private_key_file = inject.get('ansible_ssh_private_key_file', self.private_key_file) |         actual_private_key_file = inject.get('ansible_ssh_private_key_file', self.private_key_file) | ||||||
|         self.sudo_pass = inject.get('ansible_sudo_pass', self.sudo_pass) |         self.sudo_pass = inject.get('ansible_sudo_pass', self.sudo_pass) | ||||||
|         self.su = inject.get('ansible_su', self.su_pass) |  | ||||||
|         self.su_user = inject.get('ansible_su_user', self.su_user) |  | ||||||
|         self.su_pass = inject.get('ansible_su_pass', self.su_pass) |  | ||||||
| 
 | 
 | ||||||
|         if actual_private_key_file is not None: |         if actual_private_key_file is not None: | ||||||
|             actual_private_key_file = os.path.expanduser(actual_private_key_file) |             actual_private_key_file = os.path.expanduser(actual_private_key_file) | ||||||
|  | @ -811,10 +798,7 @@ class Runner(object): | ||||||
|         if tmp.find("tmp") != -1: |         if tmp.find("tmp") != -1: | ||||||
|             # tmp has already been created |             # tmp has already been created | ||||||
|             return False |             return False | ||||||
|         if not conn.has_pipelining or not C.ANSIBLE_SSH_PIPELINING or C.DEFAULT_KEEP_REMOTE_FILES or self.su: |         if not conn.has_pipelining or not C.ANSIBLE_SSH_PIPELINING or C.DEFAULT_KEEP_REMOTE_FILES: | ||||||
|             # tmp is necessary to store module source code |  | ||||||
|             return True |  | ||||||
|         if not conn.has_pipelining: |  | ||||||
|             # tmp is necessary to store the module source code |             # tmp is necessary to store the module source code | ||||||
|             # or we want to keep the files on the target system |             # or we want to keep the files on the target system | ||||||
|             return True |             return True | ||||||
|  | @ -826,36 +810,20 @@ class Runner(object): | ||||||
| 
 | 
 | ||||||
|     # ***************************************************** |     # ***************************************************** | ||||||
| 
 | 
 | ||||||
|     def _low_level_exec_command(self, conn, cmd, tmp, sudoable=False, |     def _low_level_exec_command(self, conn, cmd, tmp, sudoable=False, executable=None, in_data=None): | ||||||
|                                 executable=None, su=False, in_data=None): |  | ||||||
|         ''' execute a command string over SSH, return the output ''' |         ''' execute a command string over SSH, return the output ''' | ||||||
| 
 | 
 | ||||||
|         if executable is None: |         if executable is None: | ||||||
|             executable = C.DEFAULT_EXECUTABLE |             executable = C.DEFAULT_EXECUTABLE | ||||||
| 
 | 
 | ||||||
|         sudo_user = self.sudo_user |         sudo_user = self.sudo_user | ||||||
|         su_user = self.su_user |  | ||||||
| 
 | 
 | ||||||
|         # compare connection user to sudo_user and disable if the same |         # compare connection user to sudo_user and disable if the same | ||||||
|         if hasattr(conn, 'user'): |         if hasattr(conn, 'user'): | ||||||
|             if conn.user == sudo_user or conn.user == su_user: |             if conn.user == sudo_user: | ||||||
|                 sudoable = False |                 sudoable = False | ||||||
|                 su = False |  | ||||||
| 
 | 
 | ||||||
|         if su: |         rc, stdin, stdout, stderr = conn.exec_command(cmd, tmp, sudo_user, sudoable=sudoable, executable=executable, in_data=in_data) | ||||||
|             rc, stdin, stdout, stderr = conn.exec_command(cmd, |  | ||||||
|                                                           tmp, |  | ||||||
|                                                           su_user=su_user, |  | ||||||
|                                                           su=su, |  | ||||||
|                                                           executable=executable, |  | ||||||
|                                                           in_data=in_data) |  | ||||||
|         else: |  | ||||||
|             rc, stdin, stdout, stderr = conn.exec_command(cmd, |  | ||||||
|                                                           tmp, |  | ||||||
|                                                           sudo_user, |  | ||||||
|                                                           sudoable=sudoable, |  | ||||||
|                                                           executable=executable, |  | ||||||
|                                                           in_data=in_data) |  | ||||||
| 
 | 
 | ||||||
|         if type(stdout) not in [ str, unicode ]: |         if type(stdout) not in [ str, unicode ]: | ||||||
|             out = ''.join(stdout.readlines()) |             out = ''.join(stdout.readlines()) | ||||||
|  | @ -913,11 +881,11 @@ class Runner(object): | ||||||
| 
 | 
 | ||||||
|         basefile = 'ansible-tmp-%s-%s' % (time.time(), random.randint(0, 2**48)) |         basefile = 'ansible-tmp-%s-%s' % (time.time(), random.randint(0, 2**48)) | ||||||
|         basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile) |         basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile) | ||||||
|         if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su != 'root') and basetmp.startswith('$HOME'): |         if self.sudo and self.sudo_user != 'root' and basetmp.startswith('$HOME'): | ||||||
|             basetmp = os.path.join('/tmp', basefile) |             basetmp = os.path.join('/tmp', basefile) | ||||||
| 
 | 
 | ||||||
|         cmd = 'mkdir -p %s' % basetmp |         cmd = 'mkdir -p %s' % basetmp | ||||||
|         if self.remote_user != 'root' or ((self.sudo or self.su) and (self.sudo_user != 'root' or self.su != 'root')): |         if self.remote_user != 'root' or (self.sudo and self.sudo_user != 'root'): | ||||||
|             cmd += ' && chmod a+rx %s' % basetmp |             cmd += ' && chmod a+rx %s' % basetmp | ||||||
|         cmd += ' && echo %s' % basetmp |         cmd += ' && echo %s' % basetmp | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -159,12 +159,9 @@ class Connection(object): | ||||||
|         except socket.timeout: |         except socket.timeout: | ||||||
|             raise errors.AnsibleError("timed out while waiting to receive data") |             raise errors.AnsibleError("timed out while waiting to receive data") | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None): |     def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the remote host ''' |         ''' run a command on the remote host ''' | ||||||
| 
 | 
 | ||||||
|         if su or su_user: |  | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support running commands via su") |  | ||||||
| 
 |  | ||||||
|         if in_data: |         if in_data: | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") |             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -60,12 +60,9 @@ class Connection(object): | ||||||
| 
 | 
 | ||||||
|         return self |         return self | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None): |     def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the chroot ''' |         ''' run a command on the chroot ''' | ||||||
| 
 | 
 | ||||||
|         if su or su_user: |  | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support running commands via su") |  | ||||||
| 
 |  | ||||||
|         if in_data: |         if in_data: | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") |             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -68,7 +68,7 @@ class Connection(object): | ||||||
| 
 | 
 | ||||||
|         return self |         return self | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None, su_user=None, su=None): |     def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the remote host ''' |         ''' run a command on the remote host ''' | ||||||
| 
 | 
 | ||||||
|         if in_data: |         if in_data: | ||||||
|  | @ -76,9 +76,9 @@ class Connection(object): | ||||||
| 
 | 
 | ||||||
|         vvv("EXEC COMMAND %s" % cmd) |         vvv("EXEC COMMAND %s" % cmd) | ||||||
| 
 | 
 | ||||||
|         if (self.runner.sudo and sudoable) or (self.runner.su and su): |         if self.runner.sudo and sudoable: | ||||||
|             raise errors.AnsibleError( |             raise errors.AnsibleError( | ||||||
|                 "When using fireball, do not specify sudo or su to run your tasks. " + |                 "When using fireball, do not specify sudo to run your tasks. " + | ||||||
|                 "Instead sudo the fireball action with sudo. " + |                 "Instead sudo the fireball action with sudo. " + | ||||||
|                 "Task will communicate with the fireball already running in sudo mode." |                 "Task will communicate with the fireball already running in sudo mode." | ||||||
|             ) |             ) | ||||||
|  |  | ||||||
|  | @ -53,13 +53,10 @@ class Connection(object): | ||||||
|         self.client = fc.Client(self.host) |         self.client = fc.Client(self.host) | ||||||
|         return self |         return self | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, |     def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, | ||||||
|                      executable='/bin/sh', in_data=None, su=None, su_user=None): |                      executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the remote minion ''' |         ''' run a command on the remote minion ''' | ||||||
| 
 | 
 | ||||||
|         if su or su_user: |  | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support running commands via su") |  | ||||||
| 
 |  | ||||||
|         if in_data: |         if in_data: | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") |             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -91,12 +91,9 @@ class Connection(object): | ||||||
|             local_cmd = '%s "%s" %s' % (self.jexec_cmd, self.jail, cmd) |             local_cmd = '%s "%s" %s' % (self.jexec_cmd, self.jail, cmd) | ||||||
|         return local_cmd |         return local_cmd | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None): |     def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the chroot ''' |         ''' run a command on the chroot ''' | ||||||
| 
 | 
 | ||||||
|         if su or su_user: |  | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support running commands via su") |  | ||||||
| 
 |  | ||||||
|         if in_data: |         if in_data: | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") |             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -41,13 +41,9 @@ class Connection(object): | ||||||
| 
 | 
 | ||||||
|         return self |         return self | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None): |     def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the local host ''' |         ''' run a command on the local host ''' | ||||||
| 
 | 
 | ||||||
|         # su requires to be run from a terminal, and therefore isn't supported here (yet?) |  | ||||||
|         if su or su_user: |  | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support running commands via su") |  | ||||||
| 
 |  | ||||||
|         if in_data: |         if in_data: | ||||||
|             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") |             raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining") | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -176,7 +176,7 @@ class Connection(object): | ||||||
| 
 | 
 | ||||||
|         return ssh |         return ssh | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None): |     def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the remote host ''' |         ''' run a command on the remote host ''' | ||||||
| 
 | 
 | ||||||
|         if in_data: |         if in_data: | ||||||
|  | @ -191,7 +191,7 @@ class Connection(object): | ||||||
|                 msg += ": %s" % str(e) |                 msg += ": %s" % str(e) | ||||||
|             raise errors.AnsibleConnectionFailed(msg) |             raise errors.AnsibleConnectionFailed(msg) | ||||||
| 
 | 
 | ||||||
|         if not (self.runner.sudo and sudo) and not (self.runner.su and su): |         if not self.runner.sudo or not sudoable: | ||||||
|             if executable: |             if executable: | ||||||
|                 quoted_command = executable + ' -c ' + pipes.quote(cmd) |                 quoted_command = executable + ' -c ' + pipes.quote(cmd) | ||||||
|             else: |             else: | ||||||
|  | @ -206,15 +206,12 @@ class Connection(object): | ||||||
|                 chan.get_pty(term=os.getenv('TERM', 'vt100'), |                 chan.get_pty(term=os.getenv('TERM', 'vt100'), | ||||||
|                              width=int(os.getenv('COLUMNS', 0)), |                              width=int(os.getenv('COLUMNS', 0)), | ||||||
|                              height=int(os.getenv('LINES', 0))) |                              height=int(os.getenv('LINES', 0))) | ||||||
|             if self.runner.sudo or sudoable: |  | ||||||
|             shcmd, prompt, success_key = utils.make_sudo_cmd(sudo_user, executable, cmd) |             shcmd, prompt, success_key = utils.make_sudo_cmd(sudo_user, executable, cmd) | ||||||
|             elif self.runner.su or su: |  | ||||||
|                 shcmd, prompt, success_key = utils.make_su_cmd(su_user, executable, cmd) |  | ||||||
|             vvv("EXEC %s" % shcmd, host=self.host) |             vvv("EXEC %s" % shcmd, host=self.host) | ||||||
|             sudo_output = '' |             sudo_output = '' | ||||||
|             try: |             try: | ||||||
|                 chan.exec_command(shcmd) |                 chan.exec_command(shcmd) | ||||||
|                 if self.runner.sudo_pass or self.runner.su_pass: |                 if self.runner.sudo_pass: | ||||||
|                     while not sudo_output.endswith(prompt) and success_key not in sudo_output: |                     while not sudo_output.endswith(prompt) and success_key not in sudo_output: | ||||||
|                         chunk = chan.recv(bufsize) |                         chunk = chan.recv(bufsize) | ||||||
|                         if not chunk: |                         if not chunk: | ||||||
|  | @ -226,10 +223,7 @@ class Connection(object): | ||||||
|                                     'closed waiting for password prompt') |                                     'closed waiting for password prompt') | ||||||
|                         sudo_output += chunk |                         sudo_output += chunk | ||||||
|                     if success_key not in sudo_output: |                     if success_key not in sudo_output: | ||||||
|                         if sudoable: |  | ||||||
|                         chan.sendall(self.runner.sudo_pass + '\n') |                         chan.sendall(self.runner.sudo_pass + '\n') | ||||||
|                         elif su: |  | ||||||
|                             chan.sendall(self.runner.su_pass + '\n') |  | ||||||
|             except socket.timeout: |             except socket.timeout: | ||||||
|                 raise errors.AnsibleError('ssh timed out waiting for sudo.\n' + sudo_output) |                 raise errors.AnsibleError('ssh timed out waiting for sudo.\n' + sudo_output) | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -145,7 +145,7 @@ class Connection(object): | ||||||
|                     return False |                     return False | ||||||
|         return True |         return True | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su_user=None, su=False): |     def exec_command(self, cmd, tmp_path, sudo_user,sudoable=False, executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the remote host ''' |         ''' run a command on the remote host ''' | ||||||
| 
 | 
 | ||||||
|         ssh_cmd = self._password_cmd() |         ssh_cmd = self._password_cmd() | ||||||
|  | @ -165,10 +165,7 @@ class Connection(object): | ||||||
|             ssh_cmd += ['-6'] |             ssh_cmd += ['-6'] | ||||||
|         ssh_cmd += [self.host] |         ssh_cmd += [self.host] | ||||||
| 
 | 
 | ||||||
|         if su and su_user: |         if not self.runner.sudo or not sudoable: | ||||||
|             sudocmd, prompt, success_key = utils.make_su_cmd(su_user, executable, cmd) |  | ||||||
|             ssh_cmd.append(sudocmd) |  | ||||||
|         elif not self.runner.sudo or not sudoable: |  | ||||||
|             if executable: |             if executable: | ||||||
|                 ssh_cmd.append(executable + ' -c ' + pipes.quote(cmd)) |                 ssh_cmd.append(executable + ' -c ' + pipes.quote(cmd)) | ||||||
|             else: |             else: | ||||||
|  | @ -209,8 +206,7 @@ class Connection(object): | ||||||
| 
 | 
 | ||||||
|         self._send_password() |         self._send_password() | ||||||
| 
 | 
 | ||||||
|         if (self.runner.sudo and sudoable and self.runner.sudo_pass) or \ |         if self.runner.sudo and sudoable and self.runner.sudo_pass: | ||||||
|                 (self.runner.su and su and self.runner.su_pass): |  | ||||||
|             # several cases are handled for sudo privileges with password |             # several cases are handled for sudo privileges with password | ||||||
|             # * NOPASSWD (tty & no-tty): detect success_key on stdout |             # * NOPASSWD (tty & no-tty): detect success_key on stdout | ||||||
|             # * without NOPASSWD: |             # * without NOPASSWD: | ||||||
|  | @ -229,7 +225,7 @@ class Connection(object): | ||||||
|                 if p.stderr in rfd: |                 if p.stderr in rfd: | ||||||
|                     chunk = p.stderr.read() |                     chunk = p.stderr.read() | ||||||
|                     if not chunk: |                     if not chunk: | ||||||
|                         raise errors.AnsibleError('ssh connection closed waiting for sudo or su password prompt') |                         raise errors.AnsibleError('ssh connection closed waiting for sudo password prompt') | ||||||
|                     sudo_errput += chunk |                     sudo_errput += chunk | ||||||
|                     incorrect_password = gettext.dgettext( |                     incorrect_password = gettext.dgettext( | ||||||
|                         "sudo", "Sorry, try again.") |                         "sudo", "Sorry, try again.") | ||||||
|  | @ -241,19 +237,16 @@ class Connection(object): | ||||||
|                 if p.stdout in rfd: |                 if p.stdout in rfd: | ||||||
|                     chunk = p.stdout.read() |                     chunk = p.stdout.read() | ||||||
|                     if not chunk: |                     if not chunk: | ||||||
|                         raise errors.AnsibleError('ssh connection closed waiting for sudo or su password prompt') |                         raise errors.AnsibleError('ssh connection closed waiting for sudo password prompt') | ||||||
|                     sudo_output += chunk |                     sudo_output += chunk | ||||||
| 
 | 
 | ||||||
|                 if not rfd: |                 if not rfd: | ||||||
|                     # timeout. wrap up process communication |                     # timeout. wrap up process communication | ||||||
|                     stdout = p.communicate() |                     stdout = p.communicate() | ||||||
|                     raise errors.AnsibleError('ssh connection error waiting for sudo or su password prompt') |                     raise errors.AnsibleError('ssh connection error waiting for sudo password prompt') | ||||||
| 
 | 
 | ||||||
|             if success_key not in sudo_output: |             if success_key not in sudo_output: | ||||||
|                 if sudoable: |  | ||||||
|                 stdin.write(self.runner.sudo_pass + '\n') |                 stdin.write(self.runner.sudo_pass + '\n') | ||||||
|                 elif su: |  | ||||||
|                     stdin.write(self.runner.su_pass + '\n') |  | ||||||
|             fcntl.fcntl(p.stdout, fcntl.F_SETFL, fcntl.fcntl(p.stdout, fcntl.F_GETFL) & ~os.O_NONBLOCK) |             fcntl.fcntl(p.stdout, fcntl.F_SETFL, fcntl.fcntl(p.stdout, fcntl.F_GETFL) & ~os.O_NONBLOCK) | ||||||
|             fcntl.fcntl(p.stderr, fcntl.F_SETFL, fcntl.fcntl(p.stderr, fcntl.F_GETFL) & ~os.O_NONBLOCK) |             fcntl.fcntl(p.stderr, fcntl.F_SETFL, fcntl.fcntl(p.stderr, fcntl.F_GETFL) & ~os.O_NONBLOCK) | ||||||
|         # We can't use p.communicate here because the ControlMaster may have stdout open as well |         # We can't use p.communicate here because the ControlMaster may have stdout open as well | ||||||
|  | @ -269,19 +262,13 @@ class Connection(object): | ||||||
|         while True: |         while True: | ||||||
|             rfd, wfd, efd = select.select(rpipes, [], rpipes, 1) |             rfd, wfd, efd = select.select(rpipes, [], rpipes, 1) | ||||||
| 
 | 
 | ||||||
|             # fail early if the sudo/su password is wrong |             # fail early if the sudo password is wrong | ||||||
|             if self.runner.sudo and sudoable and self.runner.sudo_pass: |             if self.runner.sudo and sudoable and self.runner.sudo_pass: | ||||||
|                 incorrect_password = gettext.dgettext( |                 incorrect_password = gettext.dgettext( | ||||||
|                     "sudo", "Sorry, try again.") |                     "sudo", "Sorry, try again.") | ||||||
|                 if stdout.endswith("%s\r\n%s" % (incorrect_password, prompt)): |                 if stdout.endswith("%s\r\n%s" % (incorrect_password, prompt)): | ||||||
|                     raise errors.AnsibleError('Incorrect sudo password')  |                     raise errors.AnsibleError('Incorrect sudo password')  | ||||||
| 
 | 
 | ||||||
|             if self.runner.su and su and self.runner.sudo_pass: |  | ||||||
|                 incorrect_password = gettext.dgettext( |  | ||||||
|                     "su", "Sorry") |  | ||||||
|                 if stdout.endswith("%s\r\n%s" % (incorrect_password, prompt)): |  | ||||||
|                     raise errors.AnsibleError('Incorrect su password') |  | ||||||
| 
 |  | ||||||
|             if p.stdout in rfd: |             if p.stdout in rfd: | ||||||
|                 dat = os.read(p.stdout.fileno(), 9000) |                 dat = os.read(p.stdout.fileno(), 9000) | ||||||
|                 stdout += dat |                 stdout += dat | ||||||
|  |  | ||||||
|  | @ -145,7 +145,7 @@ class Connection(object): | ||||||
|                     return False |                     return False | ||||||
|         return True |         return True | ||||||
| 
 | 
 | ||||||
|     def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=False, su_user=None): |     def exec_command(self, cmd, tmp_path, sudo_user,sudoable=False, executable='/bin/sh', in_data=None): | ||||||
|         ''' run a command on the remote host ''' |         ''' run a command on the remote host ''' | ||||||
| 
 | 
 | ||||||
|         if in_data: |         if in_data: | ||||||
|  | @ -163,10 +163,7 @@ class Connection(object): | ||||||
|             ssh_cmd += ['-6'] |             ssh_cmd += ['-6'] | ||||||
|         ssh_cmd += [self.host] |         ssh_cmd += [self.host] | ||||||
| 
 | 
 | ||||||
|         if su and su_user: |         if not self.runner.sudo or not sudoable: | ||||||
|             sudocmd, prompt, success_key = utils.make_su_cmd(su_user, executable, cmd) |  | ||||||
|             ssh_cmd.append(sudocmd) |  | ||||||
|         elif not self.runner.sudo or not sudoable: |  | ||||||
|             if executable: |             if executable: | ||||||
|                 ssh_cmd.append(executable + ' -c ' + pipes.quote(cmd)) |                 ssh_cmd.append(executable + ' -c ' + pipes.quote(cmd)) | ||||||
|             else: |             else: | ||||||
|  | @ -186,6 +183,7 @@ class Connection(object): | ||||||
|             fcntl.lockf(self.runner.output_lockfile, fcntl.LOCK_EX) |             fcntl.lockf(self.runner.output_lockfile, fcntl.LOCK_EX) | ||||||
|          |          | ||||||
| 
 | 
 | ||||||
|  | 
 | ||||||
|         try: |         try: | ||||||
|             # Make sure stdin is a proper (pseudo) pty to avoid: tcgetattr errors |             # Make sure stdin is a proper (pseudo) pty to avoid: tcgetattr errors | ||||||
|             master, slave = pty.openpty() |             master, slave = pty.openpty() | ||||||
|  | @ -200,8 +198,7 @@ class Connection(object): | ||||||
| 
 | 
 | ||||||
|         self._send_password() |         self._send_password() | ||||||
| 
 | 
 | ||||||
|         if (self.runner.sudo and sudoable and self.runner.sudo_pass) or \ |         if self.runner.sudo and sudoable and self.runner.sudo_pass: | ||||||
|                 (self.runner.su and su and self.runner.su_pass): |  | ||||||
|             fcntl.fcntl(p.stdout, fcntl.F_SETFL, |             fcntl.fcntl(p.stdout, fcntl.F_SETFL, | ||||||
|                         fcntl.fcntl(p.stdout, fcntl.F_GETFL) | os.O_NONBLOCK) |                         fcntl.fcntl(p.stdout, fcntl.F_GETFL) | os.O_NONBLOCK) | ||||||
|             sudo_output = '' |             sudo_output = '' | ||||||
|  | @ -211,17 +208,13 @@ class Connection(object): | ||||||
|                 if p.stdout in rfd: |                 if p.stdout in rfd: | ||||||
|                     chunk = p.stdout.read() |                     chunk = p.stdout.read() | ||||||
|                     if not chunk: |                     if not chunk: | ||||||
|                         raise errors.AnsibleError('ssh connection closed waiting for sudo or su password prompt') |                         raise errors.AnsibleError('ssh connection closed waiting for sudo password prompt') | ||||||
|                     sudo_output += chunk |                     sudo_output += chunk | ||||||
|                 else: |                 else: | ||||||
|                     stdout = p.communicate() |                     stdout = p.communicate() | ||||||
|                     raise errors.AnsibleError('ssh connection error waiting for sudo or su password prompt') |                     raise errors.AnsibleError('ssh connection error waiting for sudo password prompt') | ||||||
| 
 |  | ||||||
|             if success_key not in sudo_output: |             if success_key not in sudo_output: | ||||||
|                 if sudoable: |  | ||||||
|                 stdin.write(self.runner.sudo_pass + '\n') |                 stdin.write(self.runner.sudo_pass + '\n') | ||||||
|                 elif su: |  | ||||||
|                     stdin.write(self.runner.su_pass + '\n') |  | ||||||
|             fcntl.fcntl(p.stdout, fcntl.F_SETFL, fcntl.fcntl(p.stdout, fcntl.F_GETFL) & ~os.O_NONBLOCK) |             fcntl.fcntl(p.stdout, fcntl.F_SETFL, fcntl.fcntl(p.stdout, fcntl.F_GETFL) & ~os.O_NONBLOCK) | ||||||
| 
 | 
 | ||||||
|         # We can't use p.communicate here because the ControlMaster may have stdout open as well |         # We can't use p.communicate here because the ControlMaster may have stdout open as well | ||||||
|  | @ -231,19 +224,13 @@ class Connection(object): | ||||||
|         while True: |         while True: | ||||||
|             rfd, wfd, efd = select.select(rpipes, [], rpipes, 1) |             rfd, wfd, efd = select.select(rpipes, [], rpipes, 1) | ||||||
| 
 | 
 | ||||||
|             # fail early if the sudo/su password is wrong |             # fail early if the sudo password is wrong | ||||||
|             if self.runner.sudo and sudoable and self.runner.sudo_pass: |             if self.runner.sudo and sudoable and self.runner.sudo_pass: | ||||||
|                 incorrect_password = gettext.dgettext( |                 incorrect_password = gettext.dgettext( | ||||||
|                     "sudo", "Sorry, try again.") |                     "sudo", "Sorry, try again.") | ||||||
|                 if stdout.endswith("%s\r\n%s" % (incorrect_password, prompt)): |                 if stdout.endswith("%s\r\n%s" % (incorrect_password, prompt)): | ||||||
|                     raise errors.AnsibleError('Incorrect sudo password')  |                     raise errors.AnsibleError('Incorrect sudo password')  | ||||||
| 
 | 
 | ||||||
|             if self.runner.su and su and self.runner.su_pass: |  | ||||||
|                 incorrect_password = gettext.dgettext( |  | ||||||
|                     "su", "su: Authentication failure") |  | ||||||
|                 if stdout.endswith("%s\r\n%s" % (incorrect_password, prompt)): |  | ||||||
|                     raise errors.AnsibleError('Incorrect su password') |  | ||||||
| 
 |  | ||||||
|             if p.stdout in rfd: |             if p.stdout in rfd: | ||||||
|                 dat = os.read(p.stdout.fileno(), 9000) |                 dat = os.read(p.stdout.fileno(), 9000) | ||||||
|                 stdout += dat |                 stdout += dat | ||||||
|  |  | ||||||
|  | @ -645,8 +645,6 @@ def base_parser(constants=C, usage="", output_opts=False, runas_opts=False, | ||||||
|         help='use this file to authenticate the connection') |         help='use this file to authenticate the connection') | ||||||
|     parser.add_option('-K', '--ask-sudo-pass', default=False, dest='ask_sudo_pass', action='store_true', |     parser.add_option('-K', '--ask-sudo-pass', default=False, dest='ask_sudo_pass', action='store_true', | ||||||
|         help='ask for sudo password') |         help='ask for sudo password') | ||||||
|     parser.add_option('--ask-su-pass', default=False, dest='ask_su_pass', |  | ||||||
|                       action='store_true', help='ask for su password') |  | ||||||
|     parser.add_option('--list-hosts', dest='listhosts', action='store_true', |     parser.add_option('--list-hosts', dest='listhosts', action='store_true', | ||||||
|         help='outputs a list of matching hosts; does not execute anything else') |         help='outputs a list of matching hosts; does not execute anything else') | ||||||
|     parser.add_option('-M', '--module-path', dest='module_path', |     parser.add_option('-M', '--module-path', dest='module_path', | ||||||
|  | @ -670,15 +668,11 @@ def base_parser(constants=C, usage="", output_opts=False, runas_opts=False, | ||||||
|     if runas_opts: |     if runas_opts: | ||||||
|         parser.add_option("-s", "--sudo", default=constants.DEFAULT_SUDO, action="store_true", |         parser.add_option("-s", "--sudo", default=constants.DEFAULT_SUDO, action="store_true", | ||||||
|             dest='sudo', help="run operations with sudo (nopasswd)") |             dest='sudo', help="run operations with sudo (nopasswd)") | ||||||
|         parser.add_option('-U', '--sudo-user', dest='sudo_user', default=None, |         parser.add_option('-U', '--sudo-user', dest='sudo_user', help='desired sudo user (default=root)', | ||||||
|                           help='desired sudo user (default=root)')  # Can't default to root because we need to detect when this option was given |             default=None)   # Can't default to root because we need to detect when this option was given | ||||||
|         parser.add_option('-u', '--user', default=constants.DEFAULT_REMOTE_USER, |         parser.add_option('-u', '--user', default=constants.DEFAULT_REMOTE_USER, | ||||||
|             dest='remote_user', help='connect as this user (default=%s)' % constants.DEFAULT_REMOTE_USER) |             dest='remote_user', | ||||||
| 
 |             help='connect as this user (default=%s)' % constants.DEFAULT_REMOTE_USER) | ||||||
|         parser.add_option('-S', '--su', default=constants.DEFAULT_SU, |  | ||||||
|                           action='store_true', help='run operations with su') |  | ||||||
|         parser.add_option('-R', '--su-user', help='run operations with su as this ' |  | ||||||
|                                                   'user (default=%s)' % constants.DEFAULT_SU_USER) |  | ||||||
| 
 | 
 | ||||||
|     if connect_opts: |     if connect_opts: | ||||||
|         parser.add_option('-c', '--connection', dest='connection', |         parser.add_option('-c', '--connection', dest='connection', | ||||||
|  | @ -705,12 +699,10 @@ def base_parser(constants=C, usage="", output_opts=False, runas_opts=False, | ||||||
| 
 | 
 | ||||||
|     return parser |     return parser | ||||||
| 
 | 
 | ||||||
| def ask_passwords(ask_pass=False, ask_sudo_pass=False, ask_su_pass=False): | def ask_passwords(ask_pass=False, ask_sudo_pass=False): | ||||||
|     sshpass = None |     sshpass = None | ||||||
|     sudopass = None |     sudopass = None | ||||||
|     su_pass = None |  | ||||||
|     sudo_prompt = "sudo password: " |     sudo_prompt = "sudo password: " | ||||||
|     su_prompt = "su password: " |  | ||||||
| 
 | 
 | ||||||
|     if ask_pass: |     if ask_pass: | ||||||
|         sshpass = getpass.getpass(prompt="SSH password: ") |         sshpass = getpass.getpass(prompt="SSH password: ") | ||||||
|  | @ -721,10 +713,7 @@ def ask_passwords(ask_pass=False, ask_sudo_pass=False, ask_su_pass=False): | ||||||
|         if ask_pass and sudopass == '': |         if ask_pass and sudopass == '': | ||||||
|             sudopass = sshpass |             sudopass = sshpass | ||||||
| 
 | 
 | ||||||
|     if ask_su_pass: |     return (sshpass, sudopass) | ||||||
|         su_pass = getpass.getpass(prompt=su_prompt) |  | ||||||
| 
 |  | ||||||
|     return (sshpass, sudopass, su_pass) |  | ||||||
| 
 | 
 | ||||||
| def do_encrypt(result, encrypt, salt_size=None, salt=None): | def do_encrypt(result, encrypt, salt_size=None, salt=None): | ||||||
|     if PASSLIB_AVAILABLE: |     if PASSLIB_AVAILABLE: | ||||||
|  | @ -797,21 +786,6 @@ def make_sudo_cmd(sudo_user, executable, cmd): | ||||||
|         prompt, sudo_user, executable or '$SHELL', pipes.quote('echo %s; %s' % (success_key, cmd))) |         prompt, sudo_user, executable or '$SHELL', pipes.quote('echo %s; %s' % (success_key, cmd))) | ||||||
|     return ('/bin/sh -c ' + pipes.quote(sudocmd), prompt, success_key) |     return ('/bin/sh -c ' + pipes.quote(sudocmd), prompt, success_key) | ||||||
| 
 | 
 | ||||||
| 
 |  | ||||||
| def make_su_cmd(su_user, executable, cmd): |  | ||||||
|     """ |  | ||||||
|     Helper function for connection plugins to create direct su commands |  | ||||||
|     """ |  | ||||||
|     # TODO: work on this function |  | ||||||
|     randbits = ''.join(chr(random.randint(ord('a'), ord('z'))) for x in xrange(32)) |  | ||||||
|     prompt = 'assword: ' |  | ||||||
|     success_key = 'SUDO-SUCCESS-%s' % randbits |  | ||||||
|     sudocmd = '%s %s %s %s -c %s' % ( |  | ||||||
|         C.DEFAULT_SU_EXE, C.DEFAULT_SU_FLAGS, su_user, executable or '$SHELL', |  | ||||||
|         pipes.quote('echo %s; %s' % (success_key, cmd)) |  | ||||||
|     ) |  | ||||||
|     return ('/bin/sh -c ' + pipes.quote(sudocmd), prompt, success_key) |  | ||||||
| 
 |  | ||||||
| _TO_UNICODE_TYPES = (unicode, type(None)) | _TO_UNICODE_TYPES = (unicode, type(None)) | ||||||
| 
 | 
 | ||||||
| def to_unicode(value): | def to_unicode(value): | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue