some fixes to become/sudo

* now it uses -n to get immediate error if no password is supplied and one is needed,
   this should fix the issue with sudo hanging waiting for input.
 * made -k configurable, this can break changing become_users in play if left out,
   but opens up the possiblity of OTP support.
This commit is contained in:
Brian Coca 2015-08-15 12:05:39 -04:00
parent 4836641683
commit 49eb95e2d1
2 changed files with 10 additions and 5 deletions

View file

@ -46,8 +46,9 @@ gathering = implicit
# change this for alternative sudo implementations # change this for alternative sudo implementations
sudo_exe = sudo sudo_exe = sudo
# what flags to pass to sudo # What flags to pass to sudo
#sudo_flags = -H # WARNING: leaving out the defaults might create unexpected behaviours
#sudo_flags = -H -k
# SSH timeout # SSH timeout
timeout = 10 timeout = 10

View file

@ -346,9 +346,13 @@ class PlayContext(Base):
# sudo prompt set with the -p option. # sudo prompt set with the -p option.
prompt = '[sudo via ansible, key=%s] password: ' % randbits prompt = '[sudo via ansible, key=%s] password: ' % randbits
exe = self.become_exe or self.sudo_exe or 'sudo' exe = self.become_exe or self.sudo_exe or 'sudo'
flags = self.become_flags or self.sudo_flags or '' flags = self.become_flags or self.sudo_flags or C.DEFAULT_SUDO_FLAGS
becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % \
(exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, self.become_user, executable, success_cmd) # force quick error if password is required but not supplied, should prevent sudo hangs.
if not self.become_pass:
flags += " -n "
becomecmd = '%s %s -S -p "%s" -u %s %s -c %s' % (exe, flags, prompt, self.become_user, executable, success_cmd)
elif self.become_method == 'su': elif self.become_method == 'su':