From 23a0468a4b1078bc94f1b68f6993755c7b48ed3d Mon Sep 17 00:00:00 2001
From: aresch
Date: Wed, 5 Mar 2014 16:25:42 -0800
Subject: [PATCH 1/2] Fix respecting remote_tmp when sudo is used
---
 lib/ansible/runner/__init__.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/ansible/runner/__init__.py b/lib/ansible/runner/__init__.py
index 7bbc9e372e..c09670970b 100644
--- a/lib/ansible/runner/__init__.py
+++ b/lib/ansible/runner/__init__.py
@@ -986,11 +986,11 @@ class Runner(object):
 basefile = 'ansible-tmp-%s-%s' % (time.time(), random.randint(0, 2**48))
 basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile)
- if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su != 'root') and basetmp.startswith('$HOME'):
+ if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root') and basetmp.startswith('$HOME'):
 basetmp = os.path.join('/tmp', basefile)
 cmd = 'mkdir -p %s' % basetmp
- if self.remote_user != 'root' or ((self.sudo or self.su) and (self.sudo_user != 'root' or self.su != 'root')):
+ if self.remote_user != 'root' or ((self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root')):
 cmd += ' && chmod a+rx %s' % basetmp
 cmd += ' && echo %s' % basetmp
From 4d80019ac8c390f10405609a47a752759afa5d27 Mon Sep 17 00:00:00 2001
From: Andrew Resch
Date: Thu, 6 Mar 2014 10:24:16 -0800
Subject: [PATCH 2/2] Fix logic checking for both sudo and su, and their respective users
---
 lib/ansible/runner/__init__.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/lib/ansible/runner/__init__.py b/lib/ansible/runner/__init__.py
index c09670970b..1f2ca7f141 100644
--- a/lib/ansible/runner/__init__.py
+++ b/lib/ansible/runner/__init__.py
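Review bot: In the [PATCH 1/2] hunk at @@ -986, the fallback `basetmp = os.path.join('/tmp', basefile)` puts the working directory in shared `/tmp`, and the following `mkdir -p` succeeds without error when that path already exists, after which `chmod a+rx` opens it to every account. A directory that another local account had created beforehand would therefore be reused silently, and the name is built only from `time.time()` and `random.randint`, neither of which is meant to be unguessable. Creating the parent with `-p` and the leaf with a plain `mkdir`, for example `cmd = 'mkdir -p %s && mkdir %s' % (os.path.dirname(basetmp), basetmp)`, makes a pre-existing leaf fail instead of being adopted. The same context lines appear in the @@ -986 hunk of [PATCH 2/2]; the enclosing method starts and ends outside both hunks, so how the echoed path is consumed is not visible here.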
@@ -415,7 +415,7 @@ class Runner(object):
 environment_string = self._compute_environment_string(inject)
- if tmp.find("tmp") != -1 and (self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root'):
+ if tmp.find("tmp") != -1 and (self.sudo and self.sudo_user != 'root') or (self.su and self.su_user != 'root'):
 # deal with possible umask issues once sudo'ed to other user
 cmd_chmod = "chmod a+r %s" % remote_module_path
 self._low_level_exec_command(conn, cmd_chmod, tmp, sudoable=False)
@@ -444,7 +444,7 @@ class Runner(object):
 else:
 argsfile = self._transfer_str(conn, tmp, 'arguments', args)
- if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root'):
+ if (self.sudo and self.sudo_user != 'root') or (self.su and self.su_user != 'root'):
 # deal with possible umask issues once sudo'ed to other user
 cmd_args_chmod = "chmod a+r %s" % argsfile
 self._low_level_exec_command(conn, cmd_args_chmod, tmp, sudoable=False)
@@ -486,7 +486,7 @@ class Runner(object):
 res = self._low_level_exec_command(conn, cmd, tmp, sudoable=sudoable, in_data=in_data)
 if tmp.find("tmp") != -1 and not C.DEFAULT_KEEP_REMOTE_FILES and not persist_files and delete_remote_tmp:
- if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root'):
+ if (self.sudo and self.sudo_user != 'root') or (self.su and self.su_user != 'root'):
 # not sudoing to root, so maybe can't delete files as that other user
 # have to clean up temp files as original user in a second step
 cmd2 = "rm -rf %s >/dev/null 2>&1" % tmp
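Review bot: The rewritten condition in the @@ -415 hunk is missing an outer pair of parentheses: `and` binds tighter than `or`, so it is evaluated as `(tmp.find("tmp") != -1 and <sudo clause>) or <su clause>`, and the `chmod a+r` on `remote_module_path` runs for any su to a non-root user even when `tmp` does not contain "tmp". It should read `if tmp.find("tmp") != -1 and ((self.sudo and self.sudo_user != 'root') or (self.su and self.su_user != 'root')):`. The first condition of the @@ -986 hunk has the same defect with its trailing `and basetmp.startswith('$HOME')`, which now attaches to the su clause only, so a sudo to a non-root user always moves `basetmp` under `/tmp` whatever `C.DEFAULT_REMOTE_TMP` holds; that appears to undo what the subject of [PATCH 1/2] describes, and the two become clauses need one outer pair of parentheses there as well. The conditions in the @@ -444 and @@ -486 hunks stand alone and are not affected.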
@@ -986,11 +986,11 @@ class Runner(object):
 basefile = 'ansible-tmp-%s-%s' % (time.time(), random.randint(0, 2**48))
 basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile)
- if (self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root') and basetmp.startswith('$HOME'):
+ if (self.sudo and self.sudo_user != 'root') or (self.su and self.su_user != 'root') and basetmp.startswith('$HOME'):
 basetmp = os.path.join('/tmp', basefile)
 cmd = 'mkdir -p %s' % basetmp
- if self.remote_user != 'root' or ((self.sudo or self.su) and (self.sudo_user != 'root' or self.su_user != 'root')):
+ if self.remote_user != 'root' or ((self.sudo and self.sudo_user != 'root') or (self.su and self.su_user != 'root')):
 cmd += ' && chmod a+rx %s' % basetmp
 cmd += ' && echo %s' % basetmp