Fixing bug relating to su without an su_pass

11 years ago · 88e2595a90
parent fac7c6d3fe
commit 88e2595a90
2 changed files with 9 additions and 5 deletions
--- a/lib/ansible/playbook/init.py
+++ b/lib/ansible/playbook/init.py
@ -488,8 +488,11 @@ class PlayBook(object):
            callbacks=self.runner_callbacks,
            sudo=play.sudo,
            sudo_user=play.sudo_user,
-            transport=play.transport,
            sudo_pass=self.sudo_pass,
+            su=play.su,
+            su_user=play.su_user,
+            su_pass=self.su_pass,
+            transport=play.transport,
            is_playbook=True,
            module_vars=play.vars,
            default_vars=play.default_vars,
--- a/lib/ansible/runner/init.py
+++ b/lib/ansible/runner/init.py
@ -393,7 +393,7 @@ class Runner(object):
            sudoable = False

        if self.su:
-            res = self._low_level_exec_command(conn, cmd, tmp, su=sudoable, in_data=in_data)
+            res = self._low_level_exec_command(conn, cmd, tmp, su=True, in_data=in_data)
        else:
            res = self._low_level_exec_command(conn, cmd, tmp, sudoable=sudoable, in_data=in_data)

@ -631,7 +631,8 @@ class Runner(object):
        actual_transport = inject.get('ansible_connection', self.transport)
        actual_private_key_file = inject.get('ansible_ssh_private_key_file', self.private_key_file)
        self.sudo_pass = inject.get('ansible_sudo_pass', self.sudo_pass)
-        self.su = inject.get('ansible_su', self.su_pass)
+        self.su = inject.get('ansible_su', self.su)
+        self.su_user = inject.get('ansible_su_user', self.su_user)
        self.su_pass = inject.get('ansible_su_pass', self.su_pass)

        if actual_private_key_file is not None:
@ -843,7 +844,7 @@ class Runner(object):
        sudo_user = self.sudo_user
        su_user = self.su_user

-        # compare connection user to sudo_user and disable if the same
+        # compare connection user to (su|sudo)_user and disable if the same
        if hasattr(conn, 'user'):
            if conn.user == sudo_user or conn.user == su_user:
                sudoable = False
@ -852,8 +853,8 @@ class Runner(object):
        if su:
            rc, stdin, stdout, stderr = conn.exec_command(cmd,
                                                          tmp,
-                                                          su_user=su_user,
                                                          su=su,
+                                                          su_user=su_user,
                                                          executable=executable,
                                                          in_data=in_data)
        else: