diff --git a/lib/ansible/runner/connection_plugins/ssh.py b/lib/ansible/runner/connection_plugins/ssh.py index 25a330dcef..a7a57a01cf 100644 --- a/lib/ansible/runner/connection_plugins/ssh.py +++ b/lib/ansible/runner/connection_plugins/ssh.py @@ -306,7 +306,7 @@ class Connection(object): no_prompt_out = '' no_prompt_err = '' - if self.runner.become and sudoable and self.runner.become_pass: + if sudoable and self.runner.become and self.runner.become_pass: # several cases are handled for escalated privileges with password # * NOPASSWD (tty & no-tty): detect success_key on stdout # * without NOPASSWD: @@ -319,11 +319,10 @@ class Connection(object): become_output = '' become_errput = '' - while success_key not in become_output: - - if prompt and become_output.endswith(prompt): - break - if utils.su_prompts.check_su_prompt(become_output): + while True: + if success_key in become_output or \ + (prompt and become_output.endswith(prompt)) or \ + utils.su_prompts.check_su_prompt(become_output): break rfd, wfd, efd = select.select([p.stdout, p.stderr], [], @@ -351,12 +350,11 @@ class Connection(object): stdout = p.communicate() raise errors.AnsibleError('ssh connection error while waiting for %s password prompt' % self.runner.become_method) - if success_key not in become_output: - if sudoable: - stdin.write(self.runner.become_pass + '\n') - else: + if success_key in become_output: no_prompt_out += become_output no_prompt_err += become_errput + elif sudoable: + stdin.write(self.runner.become_pass + '\n') (returncode, stdout, stderr) = self._communicate(p, stdin, in_data, sudoable=sudoable, prompt=prompt) diff --git a/lib/ansible/utils/__init__.py b/lib/ansible/utils/__init__.py index 3745f0d430..f164b25bd4 100644 --- a/lib/ansible/utils/__init__.py +++ b/lib/ansible/utils/__init__.py @@ -1241,8 +1241,8 @@ def make_become_cmd(cmd, user, shell, method, flags=None, exe=None): # sudo prompt set with the -p option. prompt = '[sudo via ansible, key=%s] password: ' % randbits exe = exe or C.DEFAULT_SUDO_EXE - becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c "%s"' % \ - (exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, user, shell, 'echo %s; %s' % (success_key, cmd)) + becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % \ + (exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, user, shell, pipes.quote('echo %s; %s' % (success_key, cmd))) elif method == 'su': exe = exe or C.DEFAULT_SU_EXE @@ -1252,13 +1252,13 @@ def make_become_cmd(cmd, user, shell, method, flags=None, exe=None): elif method == 'pbrun': exe = exe or 'pbrun' flags = flags or '' - becomecmd = '%s -b -l %s -u %s "%s"' % (exe, flags, user, 'echo %s; %s' % (success_key,cmd)) + becomecmd = '%s -b -l %s -u %s "%s"' % (exe, flags, user, pipes.quote('echo %s; %s' % (success_key,cmd))) elif method == 'pfexec': exe = exe or 'pfexec' flags = flags or '' # No user as it uses it's own exec_attr to figure it out - becomecmd = '%s %s "%s"' % (exe, flags, 'echo %s; %s' % (success_key,cmd)) + becomecmd = '%s %s "%s"' % (exe, flags, pipes.quote('echo %s; %s' % (success_key,cmd))) if becomecmd is None: raise errors.AnsibleError("Privilege escalation method not found: %s" % method)