Add sudo_flags configuration option to alter sudo behaviour
Default to -H to set $HOME appropriately.
This commit is contained in:
Daniel Hokka Zakrisson
parent
133874a577
commit
5268d49bad
4 changed files with 10 additions and 4 deletions
|
|
@ -14,11 +14,12 @@ New modules:
|
|||
|
||||
New config settings:
|
||||
|
||||
* default_sudo_exe parameter can be set in config to use sudo alternatives
|
||||
* added when_failed and when_changed
|
||||
* sudo_exe parameter can be set in config to use sudo alternatives
|
||||
* sudo_flags parameter can alter the flags used with sudo
|
||||
|
||||
New playbook/language features:
|
||||
|
||||
* added when_failed and when_changed
|
||||
* task includes can now be of infinite depth
|
||||
* when_set and when_unset can take more than one var (when_set: $a and $b and $c)
|
||||
* added the with_sequence lookup plugin
|
||||
|
|
|
|||
|
|
@ -76,6 +76,9 @@ remote_port=22
|
|||
|
||||
sudo_exe=sudo
|
||||
|
||||
# the default flags passed to sudo
|
||||
# sudo_flags=-H
|
||||
|
||||
# how to handle hash defined in several places
|
||||
# hash can be merged, or replaced
|
||||
# if you use replace, and have multiple hashes named 'x', the last defined
|
||||
|
|
|
|||
|
|
@ -92,6 +92,7 @@ DEFAULT_MANAGED_STR = get_config(p, DEFAULTS, 'ansible_managed', None,
|
|||
DEFAULT_SYSLOG_FACILITY = get_config(p, DEFAULTS, 'syslog_facility', 'ANSIBLE_SYSLOG_FACILITY', 'LOG_USER')
|
||||
DEFAULT_KEEP_REMOTE_FILES = get_config(p, DEFAULTS, 'keep_remote_files', 'ANSIBLE_KEEP_REMOTE_FILES', '0')
|
||||
DEFAULT_SUDO_EXE = get_config(p, DEFAULTS, 'sudo_exe', 'ANSIBLE_SUDO_EXE', 'sudo')
|
||||
DEFAULT_SUDO_FLAGS = get_config(p, DEFAULTS, 'sudo_flags', 'ANSIBLE_SUDO_FLAGS', '-H')
|
||||
DEFAULT_HASH_BEHAVIOUR = get_config(p, DEFAULTS, 'hash_behaviour', 'ANSIBLE_HASH_BEHAVIOUR', 'replace')
|
||||
|
||||
DEFAULT_ACTION_PLUGIN_PATH = shell_expand_path(get_config(p, DEFAULTS, 'action_plugins', 'ANSIBLE_ACTION_PLUGINS', '/usr/share/ansible_plugins/action_plugins'))
|
||||
|
|
|
|||
|
|
@ -590,6 +590,7 @@ def make_sudo_cmd(sudo_user, executable, cmd):
|
|||
# the -p option.
|
||||
randbits = ''.join(chr(random.randint(ord('a'), ord('z'))) for x in xrange(32))
|
||||
prompt = '[sudo via ansible, key=%s] password: ' % randbits
|
||||
sudocmd = '%s -k && %s -S -p "%s" -u %s %s -c %s' % (
|
||||
C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_EXE, prompt, sudo_user, executable or '$SHELL', pipes.quote(cmd))
|
||||
sudocmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % (
|
||||
C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_EXE, C.DEFAULT_SUDO_FLAGS,
|
||||
prompt, sudo_user, executable or '$SHELL', pipes.quote(cmd))
|
||||
return ('/bin/sh -c ' + pipes.quote(sudocmd), prompt)
|
||||
|
|
|
|||
Loading…
Reference in a new issue