Merge pull request #5713 from angstwad/su-fix

Disallow su and sudo params in same play/task
This commit is contained in:
jctanner 2014-01-23 13:55:43 -08:00
commit 19e8742005
2 changed files with 12 additions and 0 deletions

View file

@ -125,6 +125,11 @@ class Play(object):
self.su = ds.get('su', self.playbook.su) self.su = ds.get('su', self.playbook.su)
self.su_user = ds.get('su_user', self.playbook.su_user) self.su_user = ds.get('su_user', self.playbook.su_user)
# Fail out if user specifies a sudo param with a su param in a given play
if (ds.get('sudo') or ds.get('sudo_user')) and (ds.get('su') or ds.get('su_user')):
raise errors.AnsibleError('sudo params ("sudo", "sudo_user") and su params '
'("su", "su_user") cannot be used together')
load_vars = {} load_vars = {}
load_vars['playbook_dir'] = self.basedir load_vars['playbook_dir'] = self.basedir
if self.playbook.inventory.basedir() is not None: if self.playbook.inventory.basedir() is not None:

View file

@ -157,6 +157,13 @@ class Task(object):
self.su_user = ds.get('su_user', play.su_user) self.su_user = ds.get('su_user', play.su_user)
self.su_pass = ds.get('su_pass', play.playbook.su_pass) self.su_pass = ds.get('su_pass', play.playbook.su_pass)
# Fail out if user specifies a sudo param with a su param in a given play
if (ds.get('sudo') or ds.get('sudo_user') or ds.get('sudo_pass')) and \
(ds.get('su') or ds.get('su_user') or ds.get('su_pass')):
raise errors.AnsibleError('sudo params ("sudo", "sudo_user", "sudo_pass") '
'and su params "su", "su_user", "su_pass") '
'cannot be used together')
# Both are defined # Both are defined
if ('action' in ds) and ('local_action' in ds): if ('action' in ds) and ('local_action' in ds):
raise errors.AnsibleError("the 'action' and 'local_action' attributes can not be used together") raise errors.AnsibleError("the 'action' and 'local_action' attributes can not be used together")