Enable su support in paramkio; disable su support in fireball, local, accelerate, chroot, jail, funcd connection plugins

2024-09-14 20:13:21 +02:00 · 2013-12-26 12:45:41 -06:00 · 2013-12-26 12:45:41 -06:00 · ab6ee1a282
commit ab6ee1a282
parent c95be4ceaa
7 changed files with 36 additions and 14 deletions
--- a/lib/ansible/runner/connection_plugins/accelerate.py
+++ b/lib/ansible/runner/connection_plugins/accelerate.py
@ -159,9 +159,12 @@ class Connection(object):
        except socket.timeout:
            raise errors.AnsibleError("timed out while waiting to receive data")
-    def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None):
+    def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None):
        ''' run a command on the remote host '''
        if su or su_user:
            raise errors.AnsibleError("Internal Error: this module does not support running commands via su")
        if in_data:
            raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining")
--- a/lib/ansible/runner/connection_plugins/chroot.py
+++ b/lib/ansible/runner/connection_plugins/chroot.py
@ -60,9 +60,12 @@ class Connection(object):
        return self
-    def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None):
+    def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None):
        ''' run a command on the chroot '''
        if su or su_user:
            raise errors.AnsibleError("Internal Error: this module does not support running commands via su")
        if in_data:
            raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining")
--- a/lib/ansible/runner/connection_plugins/fireball.py
+++ b/lib/ansible/runner/connection_plugins/fireball.py
@ -68,7 +68,7 @@ class Connection(object):
        return self
-    def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None):
+    def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None, su_user=None, su=None):
        ''' run a command on the remote host '''
        if in_data:
@ -76,9 +76,9 @@ class Connection(object):
        vvv("EXEC COMMAND %s" % cmd)
-        if self.runner.sudo and sudoable:
+        if (self.runner.sudo and sudoable) or (self.runner.su and su):
            raise errors.AnsibleError(
-                "When using fireball, do not specify sudo to run your tasks. " +
+                "When using fireball, do not specify sudo or su to run your tasks. " +
                "Instead sudo the fireball action with sudo. " +
                "Task will communicate with the fireball already running in sudo mode."
            )
--- a/lib/ansible/runner/connection_plugins/funcd.py
+++ b/lib/ansible/runner/connection_plugins/funcd.py
@ -53,10 +53,13 @@ class Connection(object):
        self.client = fc.Client(self.host)
        return self
-    def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False,
+    def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False,
-                     executable='/bin/sh', in_data=None):
+                     executable='/bin/sh', in_data=None, su=None, su_user=None):
        ''' run a command on the remote minion '''
        if su or su_user:
            raise errors.AnsibleError("Internal Error: this module does not support running commands via su")
        if in_data:
            raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining")
--- a/lib/ansible/runner/connection_plugins/jail.py
+++ b/lib/ansible/runner/connection_plugins/jail.py
@ -91,9 +91,12 @@ class Connection(object):
            local_cmd = '%s "%s" %s' % (self.jexec_cmd, self.jail, cmd)
        return local_cmd
-    def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None):
+    def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None):
        ''' run a command on the chroot '''
        if su or su_user:
            raise errors.AnsibleError("Internal Error: this module does not support running commands via su")
        if in_data:
            raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining")
--- a/lib/ansible/runner/connection_plugins/local.py
+++ b/lib/ansible/runner/connection_plugins/local.py
@ -41,9 +41,13 @@ class Connection(object):
        return self
-    def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None):
+    def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None):
        ''' run a command on the local host '''
        # su requires to be run from a terminal, and therefore isn't supported here (yet?)
        if su or su_user:
            raise errors.AnsibleError("Internal Error: this module does not support running commands via su")
        if in_data:
            raise errors.AnsibleError("Internal Error: this module does not support optimized module pipelining")
--- a/lib/ansible/runner/connection_plugins/paramiko_ssh.py
+++ b/lib/ansible/runner/connection_plugins/paramiko_ssh.py
@ -176,7 +176,7 @@ class Connection(object):
        return ssh
-    def exec_command(self, cmd, tmp_path, sudo_user, sudoable=False, executable='/bin/sh', in_data=None):
+    def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, executable='/bin/sh', in_data=None, su=None, su_user=None):
        ''' run a command on the remote host '''
        if in_data:
@ -191,7 +191,7 @@ class Connection(object):
                msg += ": %s" % str(e)
            raise errors.AnsibleConnectionFailed(msg)
-        if not self.runner.sudo or not sudoable:
+        if not (self.runner.sudo and sudo) and not (self.runner.su and su):
            if executable:
                quoted_command = executable + ' -c ' + pipes.quote(cmd)
            else:
@ -206,12 +206,15 @@ class Connection(object):
                chan.get_pty(term=os.getenv('TERM', 'vt100'),
                             width=int(os.getenv('COLUMNS', 0)),
                             height=int(os.getenv('LINES', 0)))
            if self.runner.sudo or sudoable:
                shcmd, prompt, success_key = utils.make_sudo_cmd(sudo_user, executable, cmd)
            elif self.runner.su or su:
                shcmd, prompt, success_key = utils.make_su_cmd(su_user, executable, cmd)
            vvv("EXEC %s" % shcmd, host=self.host)
            sudo_output = ''
            try:
                chan.exec_command(shcmd)
-                if self.runner.sudo_pass:
+                if self.runner.sudo_pass or self.runner.su_pass:
                    while not sudo_output.endswith(prompt) and success_key not in sudo_output:
                        chunk = chan.recv(bufsize)
                        if not chunk:
@ -223,7 +226,10 @@ class Connection(object):
                                    'closed waiting for password prompt')
                        sudo_output += chunk
                    if success_key not in sudo_output:
                        if sudoable:
                            chan.sendall(self.runner.sudo_pass + '\n')
                        elif su:
                            chan.sendall(self.runner.su_pass + '\n')
            except socket.timeout:
                raise errors.AnsibleError('ssh timed out waiting for sudo.\n' + sudo_output)