slight changes to allow for checksum and other commands to work correctly with quoting

10 years ago · a47c132695
parent 23f7538016
commit a47c132695
2 changed files with 12 additions and 14 deletions
--- a/lib/ansible/runner/connection_plugins/ssh.py
+++ b/lib/ansible/runner/connection_plugins/ssh.py
@ -306,7 +306,7 @@ class Connection(object):
        no_prompt_out = ''
        no_prompt_err = ''
-        if self.runner.become and sudoable and self.runner.become_pass:
+        if sudoable and self.runner.become and self.runner.become_pass:
            # several cases are handled for escalated privileges with password
            # * NOPASSWD (tty & no-tty): detect success_key on stdout
            # * without NOPASSWD:
@ -319,11 +319,10 @@ class Connection(object):
            become_output = ''
            become_errput = ''
-            while success_key not in become_output:
+            while True:
-
+                if success_key in become_output or \
-                if prompt and become_output.endswith(prompt):
+                    (prompt and become_output.endswith(prompt)) or \
-                    break
+                    utils.su_prompts.check_su_prompt(become_output):
                if utils.su_prompts.check_su_prompt(become_output):
                    break
                rfd, wfd, efd = select.select([p.stdout, p.stderr], [],
@ -351,12 +350,11 @@ class Connection(object):
                    stdout = p.communicate()
                    raise errors.AnsibleError('ssh connection error while waiting for %s password prompt' % self.runner.become_method)
-            if success_key not in become_output:
+            if success_key in become_output:
                if sudoable:
                    stdin.write(self.runner.become_pass + '\n')
            else:
                no_prompt_out += become_output
                no_prompt_err += become_errput
            elif sudoable:
                stdin.write(self.runner.become_pass + '\n')
        (returncode, stdout, stderr) = self._communicate(p, stdin, in_data, sudoable=sudoable, prompt=prompt)
--- a/lib/ansible/utils/init.py
+++ b/lib/ansible/utils/init.py
@ -1241,8 +1241,8 @@ def make_become_cmd(cmd, user, shell, method, flags=None, exe=None):
        # sudo prompt set with the -p option.
        prompt = '[sudo via ansible, key=%s] password: ' % randbits
        exe = exe or C.DEFAULT_SUDO_EXE
-        becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c "%s"' % \
+        becomecmd = '%s -k && %s %s -S -p "%s" -u %s %s -c %s' % \
-            (exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, user, shell, 'echo %s; %s' % (success_key, cmd))
+            (exe, exe, flags or C.DEFAULT_SUDO_FLAGS, prompt, user, shell, pipes.quote('echo %s; %s' % (success_key, cmd)))
    elif method == 'su':
        exe = exe or C.DEFAULT_SU_EXE
@ -1252,13 +1252,13 @@ def make_become_cmd(cmd, user, shell, method, flags=None, exe=None):
    elif method == 'pbrun':
        exe = exe or 'pbrun'
        flags = flags or ''
-        becomecmd = '%s -b -l %s -u %s "%s"' % (exe, flags, user, 'echo %s; %s' % (success_key,cmd))
+        becomecmd = '%s -b -l %s -u %s "%s"' % (exe, flags, user, pipes.quote('echo %s; %s' % (success_key,cmd)))
    elif method == 'pfexec':
        exe = exe or 'pfexec'
        flags = flags or ''
        # No user as it uses it's own exec_attr to figure it out
-        becomecmd = '%s %s "%s"' % (exe, flags, 'echo %s; %s' % (success_key,cmd))
+        becomecmd = '%s %s "%s"' % (exe, flags, pipes.quote('echo %s; %s' % (success_key,cmd)))
    if becomecmd is None:
        raise errors.AnsibleError("Privilege escalation method not found: %s" % method)