From 49eb95e2d100f3409699cd0edb5bead063ddd0ab Mon Sep 17 00:00:00 2001 From: Brian Coca Date: Sat, 15 Aug 2015 12:05:39 -0400 Subject: [PATCH] some fixes to become/sudo * now it uses -n to get immediate error if no password is supplied and one is needed, this should fix the issue with sudo hanging waiting for input. * made -k configurable, this can break changing become_users in play if left out, but opens up the possiblity of OTP support. --- examples/ansible.cfg | 5 +++-- lib/ansible/playbook/play_context.py | 10 +++++++--- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/examples/ansible.cfg b/examples/ansible.cfg index b6845c0703..4ab8cca172 100644 --- a/examples/ansible.cfg +++ b/examples/ansible.cfg @@ -46,8 +46,9 @@ gathering = implicit # change this for alternative sudo implementations sudo_exe = sudo -# what flags to pass to sudo -#sudo_flags = -H +# What flags to pass to sudo +# WARNING: leaving out the defaults might create unexpected behaviours +#sudo_flags = -H -k # SSH timeout timeout = 10 diff --git a/lib/ansible/playbook/play_context.py b/lib/ansible/playbook/play_context.py index 466f59702c..98a111ae33 100644 --- a/lib/ansible/playbook/play_context.py +++ b/lib/ansible/playbook/play_context.py @@ -346,9 +346,13 @@ class PlayContext(Base): # sudo prompt set with the -p option. prompt = '[sudo via ansible, key=%s] password: ' % randbits exe = self.become_exe or self.sudo_exe or 'sudo' - flags = self.become_flags or self.sudo_flags or '' - becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % \ - (exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, self.become_user, executable, success_cmd) + flags = self.become_flags or self.sudo_flags or C.DEFAULT_SUDO_FLAGS + + # force quick error if password is required but not supplied, should prevent sudo hangs. + if not self.become_pass: + flags += " -n " + + becomecmd = '%s %s -S -p "%s" -u %s %s -c %s' % (exe, flags, prompt, self.become_user, executable, success_cmd) elif self.become_method == 'su':