summaryrefslogtreecommitdiffstats
path: root/ansible_collections/community/general/plugins/become/sudosu.py
diff options
context:
space:
mode:
Diffstat (limited to 'ansible_collections/community/general/plugins/become/sudosu.py')
-rw-r--r--ansible_collections/community/general/plugins/become/sudosu.py92
1 files changed, 92 insertions, 0 deletions
diff --git a/ansible_collections/community/general/plugins/become/sudosu.py b/ansible_collections/community/general/plugins/become/sudosu.py
new file mode 100644
index 000000000..60bb2aa51
--- /dev/null
+++ b/ansible_collections/community/general/plugins/become/sudosu.py
@@ -0,0 +1,92 @@
+# -*- coding: utf-8 -*-
+# Copyright (c) 2021, Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = """
+ name: sudosu
+ short_description: Run tasks using sudo su -
+ description:
+ - This become plugin allows your remote/login user to execute commands as another user via the C(sudo) and C(su) utilities combined.
+ author:
+ - Dag Wieers (@dagwieers)
+ version_added: 2.4.0
+ options:
+ become_user:
+ description: User you 'become' to execute the task.
+ default: root
+ ini:
+ - section: privilege_escalation
+ key: become_user
+ - section: sudo_become_plugin
+ key: user
+ vars:
+ - name: ansible_become_user
+ - name: ansible_sudo_user
+ env:
+ - name: ANSIBLE_BECOME_USER
+ - name: ANSIBLE_SUDO_USER
+ become_flags:
+ description: Options to pass to C(sudo).
+ default: -H -S -n
+ ini:
+ - section: privilege_escalation
+ key: become_flags
+ - section: sudo_become_plugin
+ key: flags
+ vars:
+ - name: ansible_become_flags
+ - name: ansible_sudo_flags
+ env:
+ - name: ANSIBLE_BECOME_FLAGS
+ - name: ANSIBLE_SUDO_FLAGS
+ become_pass:
+ description: Password to pass to C(sudo).
+ required: false
+ vars:
+ - name: ansible_become_password
+ - name: ansible_become_pass
+ - name: ansible_sudo_pass
+ env:
+ - name: ANSIBLE_BECOME_PASS
+ - name: ANSIBLE_SUDO_PASS
+ ini:
+ - section: sudo_become_plugin
+ key: password
+"""
+
+
+from ansible.plugins.become import BecomeBase
+
+
+class BecomeModule(BecomeBase):
+
+ name = 'community.general.sudosu'
+
+ # messages for detecting prompted password issues
+ fail = ('Sorry, try again.',)
+ missing = ('Sorry, a password is required to run sudo', 'sudo: a password is required')
+
+ def build_become_command(self, cmd, shell):
+ super(BecomeModule, self).build_become_command(cmd, shell)
+
+ if not cmd:
+ return cmd
+
+ becomecmd = 'sudo'
+
+ flags = self.get_option('become_flags') or ''
+ prompt = ''
+ if self.get_option('become_pass'):
+ self.prompt = '[sudo via ansible, key=%s] password:' % self._id
+ if flags: # this could be simplified, but kept as is for now for backwards string matching
+ flags = flags.replace('-n', '')
+ prompt = '-p "%s"' % (self.prompt)
+
+ user = self.get_option('become_user') or ''
+ if user:
+ user = '%s' % (user)
+
+ return ' '.join([becomecmd, flags, prompt, 'su -l', user, self._build_success_command(cmd, shell)])