1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Add sudo_flags configuration option to alter sudo behaviour

Default to -H to set $HOME appropriately.
This commit is contained in:
Daniel Hokka Zakrisson 2013-01-28 17:41:43 +01:00
parent 133874a577
commit 5268d49bad
4 changed files with 10 additions and 4 deletions

View file

@ -14,11 +14,12 @@ New modules:
New config settings: New config settings:
* default_sudo_exe parameter can be set in config to use sudo alternatives * sudo_exe parameter can be set in config to use sudo alternatives
* added when_failed and when_changed * sudo_flags parameter can alter the flags used with sudo
New playbook/language features: New playbook/language features:
* added when_failed and when_changed
* task includes can now be of infinite depth * task includes can now be of infinite depth
* when_set and when_unset can take more than one var (when_set: $a and $b and $c) * when_set and when_unset can take more than one var (when_set: $a and $b and $c)
* added the with_sequence lookup plugin * added the with_sequence lookup plugin

View file

@ -76,6 +76,9 @@ remote_port=22
sudo_exe=sudo sudo_exe=sudo
# the default flags passed to sudo
# sudo_flags=-H
# how to handle hash defined in several places # how to handle hash defined in several places
# hash can be merged, or replaced # hash can be merged, or replaced
# if you use replace, and have multiple hashes named 'x', the last defined # if you use replace, and have multiple hashes named 'x', the last defined

View file

@ -92,6 +92,7 @@ DEFAULT_MANAGED_STR = get_config(p, DEFAULTS, 'ansible_managed', None,
DEFAULT_SYSLOG_FACILITY = get_config(p, DEFAULTS, 'syslog_facility', 'ANSIBLE_SYSLOG_FACILITY', 'LOG_USER') DEFAULT_SYSLOG_FACILITY = get_config(p, DEFAULTS, 'syslog_facility', 'ANSIBLE_SYSLOG_FACILITY', 'LOG_USER')
DEFAULT_KEEP_REMOTE_FILES = get_config(p, DEFAULTS, 'keep_remote_files', 'ANSIBLE_KEEP_REMOTE_FILES', '0') DEFAULT_KEEP_REMOTE_FILES = get_config(p, DEFAULTS, 'keep_remote_files', 'ANSIBLE_KEEP_REMOTE_FILES', '0')
DEFAULT_SUDO_EXE = get_config(p, DEFAULTS, 'sudo_exe', 'ANSIBLE_SUDO_EXE', 'sudo') DEFAULT_SUDO_EXE = get_config(p, DEFAULTS, 'sudo_exe', 'ANSIBLE_SUDO_EXE', 'sudo')
DEFAULT_SUDO_FLAGS = get_config(p, DEFAULTS, 'sudo_flags', 'ANSIBLE_SUDO_FLAGS', '-H')
DEFAULT_HASH_BEHAVIOUR = get_config(p, DEFAULTS, 'hash_behaviour', 'ANSIBLE_HASH_BEHAVIOUR', 'replace') DEFAULT_HASH_BEHAVIOUR = get_config(p, DEFAULTS, 'hash_behaviour', 'ANSIBLE_HASH_BEHAVIOUR', 'replace')
DEFAULT_ACTION_PLUGIN_PATH = shell_expand_path(get_config(p, DEFAULTS, 'action_plugins', 'ANSIBLE_ACTION_PLUGINS', '/usr/share/ansible_plugins/action_plugins')) DEFAULT_ACTION_PLUGIN_PATH = shell_expand_path(get_config(p, DEFAULTS, 'action_plugins', 'ANSIBLE_ACTION_PLUGINS', '/usr/share/ansible_plugins/action_plugins'))

View file

@ -590,6 +590,7 @@ def make_sudo_cmd(sudo_user, executable, cmd):
# the -p option. # the -p option.
randbits = ''.join(chr(random.randint(ord('a'), ord('z'))) for x in xrange(32)) randbits = ''.join(chr(random.randint(ord('a'), ord('z'))) for x in xrange(32))
prompt = '[sudo via ansible, key=%s] password: ' % randbits prompt = '[sudo via ansible, key=%s] password: ' % randbits
sudocmd = '%s -k && %s -S -p "%s" -u %s %s -c %s' % ( sudocmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % (
C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_EXE, prompt, sudo_user, executable or '$SHELL', pipes.quote(cmd)) C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_FLAGS,
prompt, sudo_user, executable or '$SHELL', pipes.quote(cmd))
return ('/bin/sh -c ' + pipes.quote(sudocmd), prompt) return ('/bin/sh -c ' + pipes.quote(sudocmd), prompt)