adds privilege escalation method for pmrun(Unix Privilege Manager 6.0)
This commit is contained in:
parent
f9b836a901
commit
04073dfa9b
4 changed files with 14 additions and 6 deletions
|
@ -276,7 +276,8 @@ BECOME_ERROR_STRINGS = {
|
|||
'pfexec': '',
|
||||
'doas': 'Permission denied',
|
||||
'dzdo': '',
|
||||
'ksu': 'Password incorrect'
|
||||
'ksu': 'Password incorrect',
|
||||
'pmrun': 'You are not permitted to run this command'
|
||||
} # FIXME: deal with i18n
|
||||
BECOME_MISSING_STRINGS = {
|
||||
'sudo': 'sorry, a password is required to run sudo',
|
||||
|
@ -285,9 +286,10 @@ BECOME_MISSING_STRINGS = {
|
|||
'pfexec': '',
|
||||
'doas': 'Authorization required',
|
||||
'dzdo': '',
|
||||
'ksu': 'No password given'
|
||||
'ksu': 'No password given',
|
||||
'pmrun': ''
|
||||
} # FIXME: deal with i18n
|
||||
BECOME_METHODS = ['sudo', 'su', 'pbrun', 'pfexec', 'doas', 'dzdo', 'ksu', 'runas']
|
||||
BECOME_METHODS = ['sudo', 'su', 'pbrun', 'pfexec', 'doas', 'dzdo', 'ksu', 'runas', 'pmrun']
|
||||
BECOME_ALLOW_SAME_USER = get_config(p, 'privilege_escalation', 'become_allow_same_user', 'ANSIBLE_BECOME_ALLOW_SAME_USER', False, value_type='boolean')
|
||||
DEFAULT_BECOME_METHOD = get_config(p, 'privilege_escalation', 'become_method', 'ANSIBLE_BECOME_METHOD',
|
||||
'sudo' if DEFAULT_SUDO else 'su' if DEFAULT_SU else 'sudo').lower()
|
||||
|
@ -297,7 +299,6 @@ DEFAULT_BECOME_EXE = get_config(p, 'privilege_escalation', 'become_exe', 'ANSIBL
|
|||
DEFAULT_BECOME_FLAGS = get_config(p, 'privilege_escalation', 'become_flags', 'ANSIBLE_BECOME_FLAGS', None)
|
||||
DEFAULT_BECOME_ASK_PASS = get_config(p, 'privilege_escalation', 'become_ask_pass', 'ANSIBLE_BECOME_ASK_PASS', False, value_type='boolean')
|
||||
|
||||
|
||||
# PLUGINS
|
||||
|
||||
# Modules that can optimize with_items loops into a single call. Currently
|
||||
|
|
|
@ -119,7 +119,7 @@ def check_command(commandline):
|
|||
'mount': 'mount', 'rpm': 'yum, dnf or zypper', 'yum': 'yum', 'apt-get': 'apt',
|
||||
'tar': 'unarchive', 'unzip': 'unarchive', 'sed': 'template or lineinfile',
|
||||
'dnf': 'dnf', 'zypper': 'zypper' }
|
||||
become = [ 'sudo', 'su', 'pbrun', 'pfexec', 'runas' ]
|
||||
become = [ 'sudo', 'su', 'pbrun', 'pfexec', 'runas', 'pmrun' ]
|
||||
warnings = list()
|
||||
command = os.path.basename(commandline.split()[0])
|
||||
if command in arguments:
|
||||
|
|
|
@ -125,7 +125,7 @@ options:
|
|||
description:
|
||||
- Become method to Use for privledge escalation.
|
||||
required: False
|
||||
choices: ["None", "sudo", "su", "pbrun", "pfexec"]
|
||||
choices: ["None", "sudo", "su", "pbrun", "pfexec", "pmrun"]
|
||||
default: "None"
|
||||
become_username:
|
||||
description:
|
||||
|
|
|
@ -587,6 +587,13 @@ class PlayContext(Base):
|
|||
else:
|
||||
becomecmd = '%s -u %s %s' % (exe, self.become_user, command)
|
||||
|
||||
elif self.become_method == 'pmrun':
|
||||
|
||||
exe = self.become_exe or 'pmrun'
|
||||
|
||||
prompt='Enter UPM user password:'
|
||||
becomecmd = '%s %s %s' % (exe, flags, shlex_quote(command))
|
||||
|
||||
else:
|
||||
raise AnsibleError("Privilege escalation method not found: %s" % self.become_method)
|
||||
|
||||
|
|
Loading…
Reference in a new issue