Warn on use of sudo, etc. in shell/command.

This commit is contained in:
Bill Nottingham 2015-07-27 11:02:24 -04:00 committed by Matt Clay
parent ba9ba7d0f5
commit d4069a8a8a

View file

@ -144,12 +144,15 @@ def check_command(commandline):
'mount': 'mount', 'rpm': 'yum', 'yum': 'yum', 'apt-get': 'apt-get', 'mount': 'mount', 'rpm': 'yum', 'yum': 'yum', 'apt-get': 'apt-get',
'tar': 'unarchive', 'unzip': 'unarchive', 'sed': 'template or lineinfile', 'tar': 'unarchive', 'unzip': 'unarchive', 'sed': 'template or lineinfile',
'rsync': 'synchronize' } 'rsync': 'synchronize' }
become = [ 'sudo', 'su', 'pbrun', 'pfexec', 'runas' ]
warnings = list() warnings = list()
command = os.path.basename(commandline.split()[0]) command = os.path.basename(commandline.split()[0])
if command in arguments: if command in arguments:
warnings.append("Consider using file module with %s rather than running %s" % (arguments[command], command)) warnings.append("Consider using file module with %s rather than running %s" % (arguments[command], command))
if command in commands: if command in commands:
warnings.append("Consider using %s module rather than running %s" % (commands[command], command)) warnings.append("Consider using %s module rather than running %s" % (commands[command], command))
if command in become:
warnings.append("Consider using 'become', 'become_method', and 'become_user' rather than running %s" % (command,))
return warnings return warnings