From 2bd6b1415b9131c3a7cb13724f5d31bb0d33846b Mon Sep 17 00:00:00 2001 From: James Cassell Date: Tue, 4 Dec 2018 18:24:32 -0500 Subject: [PATCH] become_method: make dzdo more like sudo (#47946) dzdo is basically a drop-in replacement for sudo and supports the same command line options. There is no become_flags set for dzdo like there is for sudo, so users will have to set that separately to have exactly the same functionality. --- lib/ansible/constants.py | 2 +- lib/ansible/playbook/play_context.py | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/ansible/constants.py b/lib/ansible/constants.py index 65892e01b9..8167e67f21 100644 --- a/lib/ansible/constants.py +++ b/lib/ansible/constants.py @@ -76,7 +76,7 @@ BECOME_ERROR_STRINGS = { 'pbrun': '', 'pfexec': '', 'doas': 'Permission denied', - 'dzdo': '', + 'dzdo': 'Sorry, try again.', 'ksu': 'Password incorrect', 'pmrun': 'You are not permitted to run this command', 'enable': '', diff --git a/lib/ansible/playbook/play_context.py b/lib/ansible/playbook/play_context.py index de3a702250..3c7c1feb5d 100644 --- a/lib/ansible/playbook/play_context.py +++ b/lib/ansible/playbook/play_context.py @@ -539,11 +539,15 @@ class PlayContext(Base): becomecmd = '%s %s %s -c %s' % (exe, flags, executable, success_cmd) elif self.become_method == 'dzdo': + # If we have a password, we run dzdo with a randomly-generated + # prompt set using -p. Otherwise we run it with -n, if + # requested, which makes it fail if it would have prompted for a + # password. exe = self.become_exe or 'dzdo' if self.become_pass: prompt = '[dzdo via ansible, key=%s] password: ' % randbits - becomecmd = '%s %s -p %s -u %s %s' % (exe, flags, shlex_quote(prompt), self.become_user, command) + becomecmd = '%s %s -p %s -u %s %s' % (exe, flags.replace('-n', ''), shlex_quote(prompt), self.become_user, command) else: becomecmd = '%s %s -u %s %s' % (exe, flags, self.become_user, command)