- become constants inherit existing sudo/su ones
- become command line options, marked sudo/su as deprecated and moved sudo/su passwords to runas group
- changed method signatures as privlege escalation is collapsed to become
- added tests for su and become, diabled su for lack of support in local.py
- updated playbook,play and task objects to become
- added become to runner
- added whoami test for become/sudo/su
- added home override dir for plugins
- removed useless method from ask pass
- forced become pass to always be string also uses to_bytes
- fixed fakerunner for tests
- corrected reference in synchronize action plugin
- added pfexec (needs testing)
- removed unused sudo/su in runner init
- removed deprecated info
- updated pe tests to allow to run under sudo and not need root
- normalized become options into a funciton to avoid duplication and inconsistencies
- pushed suppored list to connection classs property
- updated all connection plugins to latest 'become' pe
- includes fixes from feedback (including typos)
- added draft docs
- stub of become_exe, leaving for future v2 fixes
When supplying a sudo password to a server that uses passwordless sudo,
we should not throw away useful stdout and stderr. This is particularly
important for modules that perform md5 checks as part of the pre module
execution.
Currently, ansible -vvvv show the following:
hostname EXEC ['ssh', '-C', '-vvv', '-o', 'ControlMaster=auto',
This is not good if someone want to cut and paste it to see if something
is wrong with the command line, so join the dictionnary strings with spaces
to have 1 string in the output.
Addresses multiple issues when using su on freebsd including
* su prompt differs between platforms, so turned that check into a
regex comparison instead of a simple string comparison
* not using '-c' after su causes problems, so added that for all
platforms
* fixed quoting issues due to multiple uses of '-c' introduced by
the above fix
Fixes#7503Fixes#7507
If someone add ssh_args = " " to his .ansible.cfg, it will result into
strange failure later :
<server.example.org> ESTABLISH CONNECTION FOR USER: misc
<server.example.org> REMOTE_MODULE ping
<server.example.org> EXEC ['ssh', '-C', '-tt', '-q', ' ', '-o', 'KbdInteractiveAuthentication=no',
'-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no',
'-o', 'ConnectTimeout=10', 'server.example.org', "/bin/sh -c 'mkdir -p /tmp/ansible-tmp-1397947711.21-5932460998838
&& chmod a+rx /tmp/ansible-tmp-1397947711.21-5932460998838 && echo /tmp/ansible-tmp-1397947711.21-5932460998838'"]
server.example.org | FAILED => SSH encountered an unknown error during the connection. We recommend you re-run the
command using -vvvv, which will enable SSH debugging output to help diagnose the issue
The root cause is the empty string between -q and -o, who kinda break mkdir.
Any other module is able to detect a dark host, but raw was treating 255
as a return code from the module execution, rather from the connection
attempt. This change allows 255 to be treated as a connection failure
when using the raw module.
We break the read while loop after waiting "the end of the process" and
the pipes are empty, otherwise we do another select that waits all the
timeout.
In particular, do not rely on the $USER environment variable always existing.
tmux for example seems to clear it, causing lots of invalid messages:
"previous known host file not found"
This broke in commit 80fd22dc, but instead of reverting that commit, we now
fall back to expanding just ~ when $USER is not set.
