mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
If sudoing to a user other than root, the home directory of the original user is very unlikely to be readable by the
sudoed to user, so just use tmp. Data will be readable by others (briefly before deletion) but never writeable.
This commit is contained in:
parent
aa40c5f3b3
commit
fcdc281c28
1 changed files with 2 additions and 0 deletions
|
@ -641,6 +641,8 @@ class Runner(object):
|
||||||
basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile)
|
basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile)
|
||||||
if self.remote_user == 'root':
|
if self.remote_user == 'root':
|
||||||
basetmp = os.path.join('/var/tmp', basefile)
|
basetmp = os.path.join('/var/tmp', basefile)
|
||||||
|
elif self.sudo and self.sudo_user != 'root':
|
||||||
|
basetmp = os.path.join('/tmp', basefile)
|
||||||
|
|
||||||
cmd = 'mkdir -p %s' % basetmp
|
cmd = 'mkdir -p %s' % basetmp
|
||||||
if self.remote_user != 'root':
|
if self.remote_user != 'root':
|
||||||
|
|
Loading…
Reference in a new issue