From 9597b7c1109f0f16048d0ec9a3d12e3693d10619 Mon Sep 17 00:00:00 2001 From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com> Date: Sun, 21 Jul 2024 22:15:40 +0200 Subject: [PATCH] [PR #8623/a24ee93f backport][stable-9] Type options of become plugins (#8659) Type options of become plugins (#8623) Type options of become plugins. (cherry picked from commit a24ee93f23f4653a9b5271107c2cc1c4b9489804) Co-authored-by: Felix Fontein --- changelogs/fragments/8623-become-types.yml | 2 ++ plugins/become/doas.py | 18 ++++++++++++------ plugins/become/dzdo.py | 12 ++++++++---- plugins/become/ksu.py | 18 ++++++++++++------ plugins/become/machinectl.py | 12 ++++++++---- plugins/become/pbrun.py | 14 +++++++++----- plugins/become/pfexec.py | 16 ++++++++++------ plugins/become/pmrun.py | 7 +++++-- plugins/become/sesu.py | 12 ++++++++---- plugins/become/sudosu.py | 3 +++ 10 files changed, 77 insertions(+), 37 deletions(-) create mode 100644 changelogs/fragments/8623-become-types.yml diff --git a/changelogs/fragments/8623-become-types.yml b/changelogs/fragments/8623-become-types.yml new file mode 100644 index 0000000000..c38e67eca1 --- /dev/null +++ b/changelogs/fragments/8623-become-types.yml @@ -0,0 +1,2 @@ +minor_changes: + - "doas, dzdo, ksu, machinectl, pbrun, pfexec, pmrun, sesu, sudosu become plugins - make sure that all options are typed (https://github.com/ansible-collections/community.general/pull/8623)." diff --git a/plugins/become/doas.py b/plugins/become/doas.py index 69e730aad4..761e5e1e95 100644 --- a/plugins/become/doas.py +++ b/plugins/become/doas.py @@ -13,7 +13,8 @@ DOCUMENTATION = ''' author: Ansible Core Team options: become_user: - description: User you 'become' to execute the task + description: User you 'become' to execute the task. + type: string ini: - section: privilege_escalation key: become_user @@ -26,7 +27,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_USER - name: ANSIBLE_DOAS_USER become_exe: - description: Doas executable + description: Doas executable. + type: string default: doas ini: - section: privilege_escalation @@ -40,7 +42,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_EXE - name: ANSIBLE_DOAS_EXE become_flags: - description: Options to pass to doas + description: Options to pass to doas. + type: string default: '' ini: - section: privilege_escalation @@ -54,7 +57,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_DOAS_FLAGS become_pass: - description: password for doas prompt + description: Password for doas prompt. + type: string required: false vars: - name: ansible_become_password @@ -68,8 +72,10 @@ DOCUMENTATION = ''' key: password prompt_l10n: description: - - List of localized strings to match for prompt detection - - If empty we'll use the built in one + - List of localized strings to match for prompt detection. + - If empty we will use the built in one. + type: list + elements: string default: [] ini: - section: doas_become_plugin diff --git a/plugins/become/dzdo.py b/plugins/become/dzdo.py index a358e84e39..d94c684d1f 100644 --- a/plugins/become/dzdo.py +++ b/plugins/become/dzdo.py @@ -13,7 +13,8 @@ DOCUMENTATION = ''' author: Ansible Core Team options: become_user: - description: User you 'become' to execute the task + description: User you 'become' to execute the task. + type: string ini: - section: privilege_escalation key: become_user @@ -26,7 +27,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_USER - name: ANSIBLE_DZDO_USER become_exe: - description: Dzdo executable + description: Dzdo executable. + type: string default: dzdo ini: - section: privilege_escalation @@ -40,7 +42,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_EXE - name: ANSIBLE_DZDO_EXE become_flags: - description: Options to pass to dzdo + description: Options to pass to dzdo. + type: string default: -H -S -n ini: - section: privilege_escalation @@ -54,7 +57,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_DZDO_FLAGS become_pass: - description: Options to pass to dzdo + description: Options to pass to dzdo. + type: string required: false vars: - name: ansible_become_password diff --git a/plugins/become/ksu.py b/plugins/become/ksu.py index fa2f66864a..2be1832dc2 100644 --- a/plugins/become/ksu.py +++ b/plugins/become/ksu.py @@ -13,7 +13,8 @@ DOCUMENTATION = ''' author: Ansible Core Team options: become_user: - description: User you 'become' to execute the task + description: User you 'become' to execute the task. + type: string ini: - section: privilege_escalation key: become_user @@ -27,7 +28,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_KSU_USER required: true become_exe: - description: Su executable + description: Su executable. + type: string default: ksu ini: - section: privilege_escalation @@ -41,7 +43,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_EXE - name: ANSIBLE_KSU_EXE become_flags: - description: Options to pass to ksu + description: Options to pass to ksu. + type: string default: '' ini: - section: privilege_escalation @@ -55,7 +58,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_KSU_FLAGS become_pass: - description: ksu password + description: Ksu password. + type: string required: false vars: - name: ansible_ksu_pass @@ -69,8 +73,10 @@ DOCUMENTATION = ''' key: password prompt_l10n: description: - - List of localized strings to match for prompt detection - - If empty we'll use the built in one + - List of localized strings to match for prompt detection. + - If empty we will use the built in one. + type: list + elements: string default: [] ini: - section: ksu_become_plugin diff --git a/plugins/become/machinectl.py b/plugins/become/machinectl.py index e2773ed6a5..a0467c2c36 100644 --- a/plugins/become/machinectl.py +++ b/plugins/become/machinectl.py @@ -13,7 +13,8 @@ DOCUMENTATION = ''' author: Ansible Core Team options: become_user: - description: User you 'become' to execute the task + description: User you 'become' to execute the task. + type: string default: '' ini: - section: privilege_escalation @@ -27,7 +28,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_USER - name: ANSIBLE_MACHINECTL_USER become_exe: - description: Machinectl executable + description: Machinectl executable. + type: string default: machinectl ini: - section: privilege_escalation @@ -41,7 +43,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_EXE - name: ANSIBLE_MACHINECTL_EXE become_flags: - description: Options to pass to machinectl + description: Options to pass to machinectl. + type: string default: '' ini: - section: privilege_escalation @@ -55,7 +58,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_MACHINECTL_FLAGS become_pass: - description: Password for machinectl + description: Password for machinectl. + type: string required: false vars: - name: ansible_become_password diff --git a/plugins/become/pbrun.py b/plugins/become/pbrun.py index 7d1437191e..8a96b75797 100644 --- a/plugins/become/pbrun.py +++ b/plugins/become/pbrun.py @@ -13,7 +13,8 @@ DOCUMENTATION = ''' author: Ansible Core Team options: become_user: - description: User you 'become' to execute the task + description: User you 'become' to execute the task. + type: string default: '' ini: - section: privilege_escalation @@ -27,7 +28,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_USER - name: ANSIBLE_PBRUN_USER become_exe: - description: Sudo executable + description: Sudo executable. + type: string default: pbrun ini: - section: privilege_escalation @@ -41,7 +43,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_EXE - name: ANSIBLE_PBRUN_EXE become_flags: - description: Options to pass to pbrun + description: Options to pass to pbrun. + type: string default: '' ini: - section: privilege_escalation @@ -55,7 +58,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_PBRUN_FLAGS become_pass: - description: Password for pbrun + description: Password for pbrun. + type: string required: false vars: - name: ansible_become_password @@ -68,7 +72,7 @@ DOCUMENTATION = ''' - section: pbrun_become_plugin key: password wrap_exe: - description: Toggle to wrap the command pbrun calls in 'shell -c' or not + description: Toggle to wrap the command pbrun calls in C(shell -c) or not. default: false type: bool ini: diff --git a/plugins/become/pfexec.py b/plugins/become/pfexec.py index 2468a28a94..d48d622713 100644 --- a/plugins/become/pfexec.py +++ b/plugins/become/pfexec.py @@ -14,9 +14,10 @@ DOCUMENTATION = ''' options: become_user: description: - - User you 'become' to execute the task + - User you 'become' to execute the task. - This plugin ignores this setting as pfexec uses it's own C(exec_attr) to figure this out, but it is supplied here for Ansible to make decisions needed for the task execution, like file permissions. + type: string default: root ini: - section: privilege_escalation @@ -30,7 +31,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_USER - name: ANSIBLE_PFEXEC_USER become_exe: - description: Sudo executable + description: Sudo executable. + type: string default: pfexec ini: - section: privilege_escalation @@ -44,7 +46,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_EXE - name: ANSIBLE_PFEXEC_EXE become_flags: - description: Options to pass to pfexec + description: Options to pass to pfexec. + type: string default: -H -S -n ini: - section: privilege_escalation @@ -58,7 +61,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_PFEXEC_FLAGS become_pass: - description: pfexec password + description: pfexec password. + type: string required: false vars: - name: ansible_become_password @@ -71,7 +75,7 @@ DOCUMENTATION = ''' - section: pfexec_become_plugin key: password wrap_exe: - description: Toggle to wrap the command pfexec calls in 'shell -c' or not + description: Toggle to wrap the command pfexec calls in C(shell -c) or not. default: false type: bool ini: @@ -82,7 +86,7 @@ DOCUMENTATION = ''' env: - name: ANSIBLE_PFEXEC_WRAP_EXECUTION notes: - - This plugin ignores O(become_user) as pfexec uses it's own C(exec_attr) to figure this out. + - This plugin ignores O(become_user) as pfexec uses its own C(exec_attr) to figure this out. ''' from ansible.plugins.become import BecomeBase diff --git a/plugins/become/pmrun.py b/plugins/become/pmrun.py index 74b633f09a..908c5e759d 100644 --- a/plugins/become/pmrun.py +++ b/plugins/become/pmrun.py @@ -14,6 +14,7 @@ DOCUMENTATION = ''' options: become_exe: description: Sudo executable + type: string default: pmrun ini: - section: privilege_escalation @@ -27,7 +28,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_EXE - name: ANSIBLE_PMRUN_EXE become_flags: - description: Options to pass to pmrun + description: Options to pass to pmrun. + type: string default: '' ini: - section: privilege_escalation @@ -41,7 +43,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_PMRUN_FLAGS become_pass: - description: pmrun password + description: pmrun password. + type: string required: false vars: - name: ansible_become_password diff --git a/plugins/become/sesu.py b/plugins/become/sesu.py index 5958c1bfca..4dcb837e70 100644 --- a/plugins/become/sesu.py +++ b/plugins/become/sesu.py @@ -13,7 +13,8 @@ DOCUMENTATION = ''' author: ansible (@nekonyuu) options: become_user: - description: User you 'become' to execute the task + description: User you 'become' to execute the task. + type: string default: '' ini: - section: privilege_escalation @@ -27,7 +28,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_USER - name: ANSIBLE_SESU_USER become_exe: - description: sesu executable + description: sesu executable. + type: string default: sesu ini: - section: privilege_escalation @@ -41,7 +43,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_EXE - name: ANSIBLE_SESU_EXE become_flags: - description: Options to pass to sesu + description: Options to pass to sesu. + type: string default: -H -S -n ini: - section: privilege_escalation @@ -55,7 +58,8 @@ DOCUMENTATION = ''' - name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_SESU_FLAGS become_pass: - description: Password to pass to sesu + description: Password to pass to sesu. + type: string required: false vars: - name: ansible_become_password diff --git a/plugins/become/sudosu.py b/plugins/become/sudosu.py index 2b009db4b7..5454fd2316 100644 --- a/plugins/become/sudosu.py +++ b/plugins/become/sudosu.py @@ -16,6 +16,7 @@ DOCUMENTATION = """ options: become_user: description: User you 'become' to execute the task. + type: string default: root ini: - section: privilege_escalation @@ -30,6 +31,7 @@ DOCUMENTATION = """ - name: ANSIBLE_SUDO_USER become_flags: description: Options to pass to C(sudo). + type: string default: -H -S -n ini: - section: privilege_escalation @@ -44,6 +46,7 @@ DOCUMENTATION = """ - name: ANSIBLE_SUDO_FLAGS become_pass: description: Password to pass to C(sudo). + type: string required: false vars: - name: ansible_become_password