diff --git a/lib/ansible/runner/__init__.py b/lib/ansible/runner/__init__.py index a5a978d301..99bc6ae59c 100644 --- a/lib/ansible/runner/__init__.py +++ b/lib/ansible/runner/__init__.py @@ -171,7 +171,8 @@ class Runner(object): self.private_key_file = private_key_file self.background = background self.sudo = sudo - self.sudo_user = sudo_user + self.sudo_user_var = sudo_user + self.sudo_user = None self.sudo_pass = sudo_pass self.is_playbook = is_playbook self.environment = environment @@ -431,10 +432,6 @@ class Runner(object): if self.inventory.src() is not None: inject['inventory_file'] = self.inventory.src() - # late processing of parameterized sudo_user - if self.sudo_user is not None: - self.sudo_user = template.template(self.basedir, self.sudo_user, inject) - # allow with_foo to work in playbooks... items = None items_plugin = self.module_vars.get('items_lookup_plugin', None) @@ -527,6 +524,9 @@ class Runner(object): def _executor_internal_inner(self, host, module_name, module_args, inject, port, is_chained=False, complex_args=None): ''' decides how to invoke a module ''' + # late processing of parameterized sudo_user (with_items,..) + if self.sudo_user_var is not None: + self.sudo_user = template.template(self.basedir, self.sudo_user_var, inject) # allow module args to work as a dictionary # though it is usually a string