From eb8759176f55e1a08cc0d763fbb532fa4fb7d4f3 Mon Sep 17 00:00:00 2001 From: Matt Martz Date: Wed, 23 Apr 2014 16:14:48 -0500 Subject: [PATCH] Allow sudo to another user from root --- lib/ansible/runner/__init__.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/ansible/runner/__init__.py b/lib/ansible/runner/__init__.py index f6f50f22b5c..f91fad38ccb 100644 --- a/lib/ansible/runner/__init__.py +++ b/lib/ansible/runner/__init__.py @@ -933,13 +933,13 @@ class Runner(object): # compare connection user to (su|sudo)_user and disable if the same if hasattr(conn, 'user'): - if conn.user == sudo_user or conn.user == su_user: + if (not su and conn.user == sudo_user) or (su and conn.user == su_user): sudoable = False su = False else: # assume connection type is local if no user attribute this_user = getpass.getuser() - if this_user == sudo_user or this_user == su_user: + if (not su and this_user == sudo_user) or (su and this_user == su_user): sudoable = False su = False