mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Add sudo_flags configuration option to alter sudo behaviour
Default to -H to set $HOME appropriately.
This commit is contained in:
parent
133874a577
commit
5268d49bad
4 changed files with 10 additions and 4 deletions
|
@ -14,11 +14,12 @@ New modules:
|
||||||
|
|
||||||
New config settings:
|
New config settings:
|
||||||
|
|
||||||
* default_sudo_exe parameter can be set in config to use sudo alternatives
|
* sudo_exe parameter can be set in config to use sudo alternatives
|
||||||
* added when_failed and when_changed
|
* sudo_flags parameter can alter the flags used with sudo
|
||||||
|
|
||||||
New playbook/language features:
|
New playbook/language features:
|
||||||
|
|
||||||
|
* added when_failed and when_changed
|
||||||
* task includes can now be of infinite depth
|
* task includes can now be of infinite depth
|
||||||
* when_set and when_unset can take more than one var (when_set: $a and $b and $c)
|
* when_set and when_unset can take more than one var (when_set: $a and $b and $c)
|
||||||
* added the with_sequence lookup plugin
|
* added the with_sequence lookup plugin
|
||||||
|
|
|
@ -76,6 +76,9 @@ remote_port=22
|
||||||
|
|
||||||
sudo_exe=sudo
|
sudo_exe=sudo
|
||||||
|
|
||||||
|
# the default flags passed to sudo
|
||||||
|
# sudo_flags=-H
|
||||||
|
|
||||||
# how to handle hash defined in several places
|
# how to handle hash defined in several places
|
||||||
# hash can be merged, or replaced
|
# hash can be merged, or replaced
|
||||||
# if you use replace, and have multiple hashes named 'x', the last defined
|
# if you use replace, and have multiple hashes named 'x', the last defined
|
||||||
|
|
|
@ -92,6 +92,7 @@ DEFAULT_MANAGED_STR = get_config(p, DEFAULTS, 'ansible_managed', None,
|
||||||
DEFAULT_SYSLOG_FACILITY = get_config(p, DEFAULTS, 'syslog_facility', 'ANSIBLE_SYSLOG_FACILITY', 'LOG_USER')
|
DEFAULT_SYSLOG_FACILITY = get_config(p, DEFAULTS, 'syslog_facility', 'ANSIBLE_SYSLOG_FACILITY', 'LOG_USER')
|
||||||
DEFAULT_KEEP_REMOTE_FILES = get_config(p, DEFAULTS, 'keep_remote_files', 'ANSIBLE_KEEP_REMOTE_FILES', '0')
|
DEFAULT_KEEP_REMOTE_FILES = get_config(p, DEFAULTS, 'keep_remote_files', 'ANSIBLE_KEEP_REMOTE_FILES', '0')
|
||||||
DEFAULT_SUDO_EXE = get_config(p, DEFAULTS, 'sudo_exe', 'ANSIBLE_SUDO_EXE', 'sudo')
|
DEFAULT_SUDO_EXE = get_config(p, DEFAULTS, 'sudo_exe', 'ANSIBLE_SUDO_EXE', 'sudo')
|
||||||
|
DEFAULT_SUDO_FLAGS = get_config(p, DEFAULTS, 'sudo_flags', 'ANSIBLE_SUDO_FLAGS', '-H')
|
||||||
DEFAULT_HASH_BEHAVIOUR = get_config(p, DEFAULTS, 'hash_behaviour', 'ANSIBLE_HASH_BEHAVIOUR', 'replace')
|
DEFAULT_HASH_BEHAVIOUR = get_config(p, DEFAULTS, 'hash_behaviour', 'ANSIBLE_HASH_BEHAVIOUR', 'replace')
|
||||||
|
|
||||||
DEFAULT_ACTION_PLUGIN_PATH = shell_expand_path(get_config(p, DEFAULTS, 'action_plugins', 'ANSIBLE_ACTION_PLUGINS', '/usr/share/ansible_plugins/action_plugins'))
|
DEFAULT_ACTION_PLUGIN_PATH = shell_expand_path(get_config(p, DEFAULTS, 'action_plugins', 'ANSIBLE_ACTION_PLUGINS', '/usr/share/ansible_plugins/action_plugins'))
|
||||||
|
|
|
@ -590,6 +590,7 @@ def make_sudo_cmd(sudo_user, executable, cmd):
|
||||||
# the -p option.
|
# the -p option.
|
||||||
randbits = ''.join(chr(random.randint(ord('a'), ord('z'))) for x in xrange(32))
|
randbits = ''.join(chr(random.randint(ord('a'), ord('z'))) for x in xrange(32))
|
||||||
prompt = '[sudo via ansible, key=%s] password: ' % randbits
|
prompt = '[sudo via ansible, key=%s] password: ' % randbits
|
||||||
sudocmd = '%s -k && %s -S -p "%s" -u %s %s -c %s' % (
|
sudocmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % (
|
||||||
C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_EXE, prompt, sudo_user, executable or '$SHELL', pipes.quote(cmd))
|
C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_FLAGS,
|
||||||
|
prompt, sudo_user, executable or '$SHELL', pipes.quote(cmd))
|
||||||
return ('/bin/sh -c ' + pipes.quote(sudocmd), prompt)
|
return ('/bin/sh -c ' + pipes.quote(sudocmd), prompt)
|
||||||
|
|
Loading…
Reference in a new issue