Don't rewrite remote paths when remote is secretly local (#40259)

* Don't rewrite remote paths when remote is secretly local

* Remote overriding is configurable in connection

* Use c.DEFAULT_LOCAL_TMP instead of remote_tmp

* Remove remote_is_local from ConnectionBase

* remote_is_local->_remote_is_local

* Add warning signs to _remote_is_local and explanatory comments to its use

lib/ansible/plugins/action/__init__.py

@@ -246,7 +246,13 @@ class ActionBase(with_metaclass(ABCMeta, object)):
         # deal with tmpdir creation
         basefile = 'ansible-tmp-%s-%s' % (time.time(), random.randint(0, 2**48))
         use_system_tmp = bool(self._play_context.become and self._play_context.become_user not in admin_users)
-        tmpdir = self._remote_expand_user(remote_tmp, sudoable=False)
+        # Network connection plugins (network_cli, netconf, etc.) execute on the controller, rather than the remote host.
+        # As such, we want to avoid using remote_user for paths  as remote_user may not line up with the local user
+        # This is a hack and should be solved by more intelligent handling of remote_tmp in 2.7
+        if getattr(self._connection, '_remote_is_local', False):
+            tmpdir = C.DEFAULT_LOCAL_TMP
+        else:
+            tmpdir = self._remote_expand_user(remote_tmp, sudoable=False)
         cmd = self._connection._shell.mkdtemp(basefile=basefile, system=use_system_tmp, tmpdir=tmpdir)
         result = self._low_level_execute_command(cmd, sudoable=False)
 
@@ -568,7 +574,12 @@ class ActionBase(with_metaclass(ABCMeta, object)):
         expand_path = split_path[0]
 
         if expand_path == '~':
-            if sudoable and self._play_context.become and self._play_context.become_user:
+            # Network connection plugins (network_cli, netconf, etc.) execute on the controller, rather than the remote host.
+            # As such, we want to avoid using remote_user for paths  as remote_user may not line up with the local user
+            # This is a hack and should be solved by more intelligent handling of remote_tmp in 2.7
+            if getattr(self._connection, '_remote_is_local', False):
+                pass
+            elif sudoable and self._play_context.become and self._play_context.become_user:
                 expand_path = '~%s' % self._play_context.become_user
             else:
                 # use remote user instead, if none set default to current user

lib/ansible/plugins/connection/netconf.py

@@ -169,6 +169,8 @@ class Connection(ConnectionBase):
     transport = 'netconf'
     has_pipelining = False
     force_persistence = True
+    # Do not use _remote_is_local in other connections
+    _remote_is_local = True
 
     def __init__(self, play_context, new_stdin, *args, **kwargs):
         super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)

lib/ansible/plugins/connection/network_cli.py

@@ -188,6 +188,8 @@ class Connection(ConnectionBase):
     transport = 'network_cli'
     has_pipelining = True
     force_persistence = True
+    # Do not use _remote_is_local in other connections
+    _remote_is_local = True
 
     def __init__(self, play_context, new_stdin, *args, **kwargs):
         super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)