slight changes to allow for checksum and other commands to work correctly with quoting

lib/ansible/runner/connection_plugins/ssh.py

@@ -306,7 +306,7 @@ class Connection(object):
 
         no_prompt_out = ''
         no_prompt_err = ''
-        if self.runner.become and sudoable and self.runner.become_pass:
+        if sudoable and self.runner.become and self.runner.become_pass:
             # several cases are handled for escalated privileges with password
             # * NOPASSWD (tty & no-tty): detect success_key on stdout
             # * without NOPASSWD:
@@ -319,11 +319,10 @@ class Connection(object):
             become_output = ''
             become_errput = ''
 
-            while success_key not in become_output:
+            while True:
-
+                if success_key in become_output or \
-                if prompt and become_output.endswith(prompt):
+                    (prompt and become_output.endswith(prompt)) or \
-                    break
+                    utils.su_prompts.check_su_prompt(become_output):
-                if utils.su_prompts.check_su_prompt(become_output):
                     break
 
                 rfd, wfd, efd = select.select([p.stdout, p.stderr], [],
@@ -351,12 +350,11 @@ class Connection(object):
                     stdout = p.communicate()
                     raise errors.AnsibleError('ssh connection error while waiting for %s password prompt' % self.runner.become_method)
 
-            if success_key not in become_output:
+            if success_key in become_output:
-                if sudoable:
-                    stdin.write(self.runner.become_pass + '\n')
-            else:
                 no_prompt_out += become_output
                 no_prompt_err += become_errput
+            elif sudoable:
+                stdin.write(self.runner.become_pass + '\n')
 
         (returncode, stdout, stderr) = self._communicate(p, stdin, in_data, sudoable=sudoable, prompt=prompt)
 

lib/ansible/utils/__init__.py

@@ -1241,8 +1241,8 @@ def make_become_cmd(cmd, user, shell, method, flags=None, exe=None):
         # sudo prompt set with the -p option.
         prompt = '[sudo via ansible, key=%s] password: ' % randbits
         exe = exe or C.DEFAULT_SUDO_EXE
-        becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c "%s"' % \
+        becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % \
-            (exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, user, shell, 'echo %s; %s' % (success_key, cmd))
+            (exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, user, shell, pipes.quote('echo %s; %s' % (success_key, cmd)))
 
     elif method == 'su':
         exe = exe or C.DEFAULT_SU_EXE
@@ -1252,13 +1252,13 @@ def make_become_cmd(cmd, user, shell, method, flags=None, exe=None):
     elif method == 'pbrun':
         exe = exe or 'pbrun'
         flags = flags or ''
-        becomecmd = '%s -b -l %s -u %s "%s"' % (exe, flags, user, 'echo %s; %s' % (success_key,cmd))
+        becomecmd = '%s -b -l %s -u %s "%s"' % (exe, flags, user, pipes.quote('echo %s; %s' % (success_key,cmd)))
 
     elif method == 'pfexec':
         exe = exe or 'pfexec'
         flags = flags or ''
         # No user as it uses it's own exec_attr to figure it out
-        becomecmd = '%s %s "%s"' % (exe, flags, 'echo %s; %s' % (success_key,cmd))
+        becomecmd = '%s %s "%s"' % (exe, flags, pipes.quote('echo %s; %s' % (success_key,cmd)))
 
     if becomecmd is None:
         raise errors.AnsibleError("Privilege escalation method not found: %s" % method)