wbrawner/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

If sudoing to a user other than root, the home directory of the original user is very unlikely to be readable by the

Browse source 
sudoed to user, so just use tmp.  Data will be readable by others (briefly before deletion) but never writeable.
This commit is contained in:
Michael DeHaan 2012-07-27 20:53:50 -04:00
parent aa40c5f3b3
commit fcdc281c28
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/ansible/runner/__init__.py
View file

@ -641,6 +641,8 @@ class Runner(object):
basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile)
if self.remote_user == 'root':
basetmp = os.path.join('/var/tmp', basefile)
elif self.sudo and self.sudo_user != 'root':
basetmp = os.path.join('/tmp', basefile)
cmd = 'mkdir -p %s' % basetmp
if self.remote_user != 'root':