fine tuned password handling as we were getting false positives, probably caused by other changes up the stack that now call these functions in more cases.
This commit is contained in:
parent
6fcfebd21d
commit
dbab703265
2 changed files with 28 additions and 10 deletions
|
@ -230,23 +230,29 @@ class Connection(ConnectionBase):
|
||||||
chan.exec_command(cmd)
|
chan.exec_command(cmd)
|
||||||
if self._play_context.prompt:
|
if self._play_context.prompt:
|
||||||
if self._play_context.become and self._play_context.become_pass:
|
if self._play_context.become and self._play_context.become_pass:
|
||||||
|
passprompt = False
|
||||||
while True:
|
while True:
|
||||||
self._display.debug('Waiting for Privilege Escalation input')
|
self._display.debug('Waiting for Privilege Escalation input')
|
||||||
if self.check_become_success(become_output) or self.check_password_prompt(become_output):
|
if self.check_become_success(become_output):
|
||||||
break
|
break
|
||||||
|
elif self.check_password_prompt(become_output):
|
||||||
|
passprompt = True
|
||||||
|
break
|
||||||
|
|
||||||
chunk = chan.recv(bufsize)
|
chunk = chan.recv(bufsize)
|
||||||
self._display.debug("chunk is: %s" % chunk)
|
self._display.debug("chunk is: %s" % chunk)
|
||||||
if not chunk:
|
if not chunk:
|
||||||
if 'unknown user' in become_output:
|
if 'unknown user' in become_output:
|
||||||
raise AnsibleError(
|
raise AnsibleError( 'user %s does not exist' % become_user)
|
||||||
'user %s does not exist' % become_user)
|
|
||||||
else:
|
else:
|
||||||
raise AnsibleError('ssh connection ' +
|
break
|
||||||
'closed waiting for password prompt')
|
#raise AnsibleError('ssh connection closed waiting for password prompt')
|
||||||
become_output += chunk
|
become_output += chunk
|
||||||
if not self.check_become_success(become_output):
|
if passprompt:
|
||||||
if self._play_context.become:
|
if self._play_context.become and self._play_context.become_pass:
|
||||||
chan.sendall(self._play_context.become_pass + '\n')
|
chan.sendall(self._play_context.become_pass + '\n')
|
||||||
|
else:
|
||||||
|
raise AnsibleError("A password is reqired but none was supplied")
|
||||||
else:
|
else:
|
||||||
no_prompt_out += become_output
|
no_prompt_out += become_output
|
||||||
no_prompt_err += become_output
|
no_prompt_err += become_output
|
||||||
|
|
|
@ -371,11 +371,19 @@ class Connection(ConnectionBase):
|
||||||
|
|
||||||
become_output = ''
|
become_output = ''
|
||||||
become_errput = ''
|
become_errput = ''
|
||||||
|
passprompt = False
|
||||||
while True:
|
while True:
|
||||||
self._display.debug('Waiting for Privilege Escalation input')
|
self._display.debug('Waiting for Privilege Escalation input')
|
||||||
if self.check_become_success(become_output + become_errput) or self.check_password_prompt(become_output + become_errput):
|
|
||||||
|
if self.check_become_success(become_output + become_errput):
|
||||||
|
self._display.debug('Succeded!')
|
||||||
|
break
|
||||||
|
elif self.check_password_prompt(become_output) or self.check_password_prompt(become_errput):
|
||||||
|
self._display.debug('Password prompt!')
|
||||||
|
passprompt = True
|
||||||
break
|
break
|
||||||
|
|
||||||
|
self._display.debug('Read next chunks')
|
||||||
rfd, wfd, efd = select.select([p.stdout, p.stderr], [], [p.stdout], self._play_context.timeout)
|
rfd, wfd, efd = select.select([p.stdout, p.stderr], [], [p.stdout], self._play_context.timeout)
|
||||||
if not rfd:
|
if not rfd:
|
||||||
# timeout. wrap up process communication
|
# timeout. wrap up process communication
|
||||||
|
@ -385,16 +393,20 @@ class Connection(ConnectionBase):
|
||||||
elif p.stderr in rfd:
|
elif p.stderr in rfd:
|
||||||
chunk = p.stderr.read()
|
chunk = p.stderr.read()
|
||||||
become_errput += chunk
|
become_errput += chunk
|
||||||
|
self._display.debug('stderr chunk is: %s' % chunk)
|
||||||
self.check_incorrect_password(become_errput)
|
self.check_incorrect_password(become_errput)
|
||||||
|
|
||||||
elif p.stdout in rfd:
|
elif p.stdout in rfd:
|
||||||
chunk = p.stdout.read()
|
chunk = p.stdout.read()
|
||||||
become_output += chunk
|
become_output += chunk
|
||||||
|
self._display.debug('stdout chunk is: %s' % chunk)
|
||||||
|
|
||||||
|
|
||||||
if not chunk:
|
if not chunk:
|
||||||
raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output)
|
break
|
||||||
|
#raise AnsibleError('Connection closed waiting for privilege escalation password prompt: %s ' % become_output)
|
||||||
|
|
||||||
if not self.check_become_success(become_output + become_errput):
|
if passprompt:
|
||||||
self._display.debug("Sending privilege escalation password.")
|
self._display.debug("Sending privilege escalation password.")
|
||||||
stdin.write(self._play_context.become_pass + '\n')
|
stdin.write(self._play_context.become_pass + '\n')
|
||||||
else:
|
else:
|
||||||
|
|
Loading…
Reference in a new issue