ansible_mitogen: Template become command arguments (become_flags)

Uses the same fallback for (mitogen_sudo et al) as become_exe (see #1173).

The new `Spec.become_flags()` is not yet explicitly tested. Note that it
returns a string (matching the Ansible option of the same name), whereas
`Spec.sudo_args()` returns a list.

refs #1083
pull/1174/head
Alex Willmer 4 weeks ago
parent 04f7b7a282
commit 66ea10d577

@ -213,6 +213,12 @@ class Spec(with_metaclass(abc.ABCMeta, object)):
:data:`True` if privilege escalation should be active. :data:`True` if privilege escalation should be active.
""" """
@abc.abstractmethod
def become_flags(self):
"""
The command line arguments passed to the become executable.
"""
@abc.abstractmethod @abc.abstractmethod
def become_method(self): def become_method(self):
""" """
@ -290,10 +296,9 @@ class Spec(with_metaclass(abc.ABCMeta, object)):
@abc.abstractmethod @abc.abstractmethod
def sudo_args(self): def sudo_args(self):
""" """
The list of additional arguments that should be included in a become The list of additional arguments that should be included in a sudo
invocation. invocation.
""" """
# TODO: split out into sudo_args/become_args.
@abc.abstractmethod @abc.abstractmethod
def mitogen_via(self): def mitogen_via(self):
@ -431,6 +436,7 @@ class PlayContextSpec(Spec):
fallback_options = { fallback_options = {
'become_exe', 'become_exe',
'become_flags',
} }
if name not in fallback_options: if name not in fallback_options:
raise raise
@ -464,6 +470,9 @@ class PlayContextSpec(Spec):
def become(self): def become(self):
return self._connection.become return self._connection.become
def become_flags(self):
return self._become_option('become_flags')
def become_method(self): def become_method(self):
return self._play_context.become_method return self._play_context.become_method
@ -529,19 +538,7 @@ class PlayContextSpec(Spec):
return self._become_option('become_exe') return self._become_option('become_exe')
def sudo_args(self): def sudo_args(self):
return [ return ansible.utils.shlex.shlex_split(self.become_flags() or '')
mitogen.core.to_text(term)
for term in ansible.utils.shlex.shlex_split(
first_true((
self._play_context.become_flags,
# Ansible <=2.7.
getattr(self._play_context, 'sudo_flags', ''),
# Ansible <=2.3.
getattr(C, 'DEFAULT_BECOME_FLAGS', ''),
getattr(C, 'DEFAULT_SUDO_FLAGS', '')
), default='')
)
]
def mitogen_via(self): def mitogen_via(self):
return self._connection.get_task_var('mitogen_via') return self._connection.get_task_var('mitogen_via')
@ -676,6 +673,9 @@ class MitogenViaSpec(Spec):
def become(self): def become(self):
return bool(self._become_user) return bool(self._become_user)
def become_flags(self):
return self._host_vars.get('ansible_become_flags')
def become_method(self): def become_method(self):
return ( return (
self._become_method or self._become_method or
@ -771,7 +771,7 @@ class MitogenViaSpec(Spec):
mitogen.core.to_text(term) mitogen.core.to_text(term)
for s in ( for s in (
self._host_vars.get('ansible_sudo_flags') or '', self._host_vars.get('ansible_sudo_flags') or '',
self._host_vars.get('ansible_become_flags') or '', self.become_flags() or '',
) )
for term in ansible.utils.shlex.shlex_split(s) for term in ansible.utils.shlex.shlex_split(s)
] ]

@ -23,6 +23,8 @@ In progress (unreleased)
* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become executable * :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become executable
(e.g. ``become_exe``). (e.g. ``become_exe``).
* :gh:issue:`1083` :mod:`ansible_mitogen`: Templated become executable
arguments (e.g. ``become_flags``).
v0.3.15 (2024-10-28) v0.3.15 (2024-10-28)

@ -34,6 +34,7 @@ ansible_user="{{ lookup('pipe', 'whoami') }}"
[tt_become_by_inv] [tt_become_by_inv]
tt-become-exe ansible_become=true ansible_become_exe="{{ 'sudo' | trim }}" ansible_become_user=root tt-become-exe ansible_become=true ansible_become_exe="{{ 'sudo' | trim }}" ansible_become_user=root
tt-become-flags ansible_become=true ansible_become_flags="{{ '--set-home --stdin --non-interactive' | trim }}" ansible_become_user=root
tt-become-pass ansible_become=true ansible_become_pass="{{ 'pw_required_password' | trim }}" ansible_become_user=mitogen__pw_required tt-become-pass ansible_become=true ansible_become_pass="{{ 'pw_required_password' | trim }}" ansible_become_user=mitogen__pw_required
tt-become-user ansible_become=true ansible_become_user="{{ 'root' | trim }}" tt-become-user ansible_become=true ansible_become_user="{{ 'root' | trim }}"

@ -13,6 +13,7 @@
vars: vars:
expected_become_users: expected_become_users:
tt-become-exe: root tt-become-exe: root
tt-become-flags: root
tt-become-pass: mitogen__pw_required tt-become-pass: mitogen__pw_required
tt-become-user: root tt-become-user: root
command: command:

@ -3,6 +3,7 @@
gather_facts: false gather_facts: false
become: true become: true
become_exe: "{{ 'sudo' | trim }}" become_exe: "{{ 'sudo' | trim }}"
become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}"
become_user: "{{ 'root' | trim }}" become_user: "{{ 'root' | trim }}"
tasks: tasks:
- meta: reset_connection - meta: reset_connection
@ -22,6 +23,7 @@
gather_facts: false gather_facts: false
become: true become: true
become_exe: "{{ 'sudo' | trim }}" become_exe: "{{ 'sudo' | trim }}"
become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}"
become_user: "{{ 'mitogen__pw_required' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}"
vars: vars:
ansible_become_pass: "{{ 'pw_required_password' | trim }}" ansible_become_pass: "{{ 'pw_required_password' | trim }}"

@ -4,6 +4,7 @@
vars: vars:
ansible_become: true ansible_become: true
ansible_become_exe: "{{ 'sudo' | trim }}" ansible_become_exe: "{{ 'sudo' | trim }}"
ansible_become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}"
ansible_become_user: "{{ 'root' | trim }}" ansible_become_user: "{{ 'root' | trim }}"
tasks: tasks:
- name: Templated become by play vars, no password - name: Templated become by play vars, no password
@ -22,6 +23,7 @@
vars: vars:
ansible_become: true ansible_become: true
ansible_become_exe: "{{ 'sudo' | trim }}" ansible_become_exe: "{{ 'sudo' | trim }}"
ansible_become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}"
ansible_become_pass: "{{ 'pw_required_password' | trim }}" ansible_become_pass: "{{ 'pw_required_password' | trim }}"
ansible_become_user: "{{ 'mitogen__pw_required' | trim }}" ansible_become_user: "{{ 'mitogen__pw_required' | trim }}"
tasks: tasks:

@ -5,6 +5,7 @@
# https://github.com/mitogen-hq/mitogen/issues/1132 # https://github.com/mitogen-hq/mitogen/issues/1132
become: true become: true
become_exe: "{{ 'sudo' | trim }}" become_exe: "{{ 'sudo' | trim }}"
become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}"
become_user: "{{ 'root' | trim }}" become_user: "{{ 'root' | trim }}"
tasks: tasks:
- name: Reset connection to target that will be delegate_to - name: Reset connection to target that will be delegate_to
@ -17,6 +18,7 @@
- name: Templated become by task keywords, with delegate_to - name: Templated become by task keywords, with delegate_to
become: true become: true
become_exe: "{{ 'sudo' | trim }}" become_exe: "{{ 'sudo' | trim }}"
become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}"
become_user: "{{ 'root' | trim }}" become_user: "{{ 'root' | trim }}"
delegate_to: "{{ groups.tt_become_bare[0] }}" delegate_to: "{{ groups.tt_become_bare[0] }}"
command: command:
@ -36,6 +38,7 @@
# https://github.com/mitogen-hq/mitogen/issues/1132 # https://github.com/mitogen-hq/mitogen/issues/1132
become: true become: true
become_exe: "{{ 'sudo' | trim }}" become_exe: "{{ 'sudo' | trim }}"
become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}"
become_user: "{{ 'mitogen__pw_required' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}"
vars: vars:
ansible_become_pass: "{{ 'pw_required_password' | trim }}" ansible_become_pass: "{{ 'pw_required_password' | trim }}"
@ -56,6 +59,7 @@
- name: Templated become by task keywords, with delegate_to - name: Templated become by task keywords, with delegate_to
become: true become: true
become_exe: "{{ 'sudo' | trim }}" become_exe: "{{ 'sudo' | trim }}"
become_flags: "{{ '--set-home --stdin --non-interactive' | trim }}"
become_user: "{{ 'mitogen__pw_required' | trim }}" become_user: "{{ 'mitogen__pw_required' | trim }}"
delegate_to: "{{ groups.tt_become_bare[0] }}" delegate_to: "{{ groups.tt_become_bare[0] }}"
vars: vars:

@ -59,6 +59,7 @@ ansible_user=mitogen__has_sudo_nopw
[tt_become_by_inv] [tt_become_by_inv]
tt-become-exe ansible_become=true ansible_become_exe="{{ '{{' }} 'sudo' | trim {{ '}}' }}" ansible_become_user=root tt-become-exe ansible_become=true ansible_become_exe="{{ '{{' }} 'sudo' | trim {{ '}}' }}" ansible_become_user=root
tt-become-flags ansible_become=true ansible_become_flags="{{ '{{' }} '--set-home --stdin --non-interactive' | trim {{ '}}' }}" ansible_become_user=root
tt-become-pass ansible_become=true ansible_become_pass="{{ '{{' }} 'pw_required_password' | trim {{ '}}' }}" ansible_become_user=mitogen__pw_required tt-become-pass ansible_become=true ansible_become_pass="{{ '{{' }} 'pw_required_password' | trim {{ '}}' }}" ansible_become_user=mitogen__pw_required
tt-become-user ansible_become=true ansible_become_user="{{ '{{' }} 'root' | trim {{ '}}' }}" tt-become-user ansible_become=true ansible_become_user="{{ '{{' }} 'root' | trim {{ '}}' }}"

Loading…
Cancel
Save