preliminary privlege escalation unification + pbrun

- become constants inherit existing sudo/su ones - become command line options, marked sudo/su as deprecated and moved sudo/su passwords to runas group - changed method signatures as privlege escalation is collapsed to become - added tests for su and become, diabled su for lack of support in local.py - updated playbook,play and task objects to become - added become to runner - added whoami test for become/sudo/su - added home override dir for plugins - removed useless method from ask pass - forced become pass to always be string also uses to_bytes - fixed fakerunner for tests - corrected reference in synchronize action plugin - added pfexec (needs testing) - removed unused sudo/su in runner init - removed deprecated info - updated pe tests to allow to run under sudo and not need root - normalized become options into a funciton to avoid duplication and inconsistencies - pushed suppored list to connection classs property - updated all connection plugins to latest 'become' pe - includes fixes from feedback (including typos) - added draft docs - stub of become_exe, leaving for future v2 fixes
2026-05-07 05:42:50 +00:00 · 2014-11-24 16:36:31 -05:00
parent 17c710e713
commit 5f6db0e164
45 changed files with 841 additions and 472 deletions
--- a/test/units/TestPlayVarsFiles.py
+++ b/test/units/TestPlayVarsFiles.py
@@ -41,6 +41,9 @@ class FakePlayBook(object):
        self.sudo_user = None
        self.su = None
        self.su_user = None
+        self.become  = None
+        self.become_method  = None
+        self.become_user = None
        self.transport = None
        self.only_tags = None
        self.skip_tags = None
--- a/test/units/TestSynchronize.py
+++ b/test/units/TestSynchronize.py
@@ -18,6 +18,9 @@ class FakeRunner(object):
        self.remote_user = None
        self.private_key_file = None
        self.check = False
+        self.become = False
+        self.become_method = False
+        self.become_user = False

    def _execute_module(self, conn, tmp, module_name, args,
        async_jid=None, async_module=None, async_limit=None, inject=None, 
@@ -76,7 +79,7 @@ class TestSynchronize(unittest.TestCase):
        """ verify the synchronize action plugin unsets and then sets sudo """ 

        runner = FakeRunner()
-        runner.sudo = True
+        runner.become = True
        runner.remote_user = "root"
        runner.transport = "ssh"
        conn = FakeConn()
@@ -97,7 +100,7 @@ class TestSynchronize(unittest.TestCase):
        assert runner.executed_complex_args == {'dest':'root@el6.lab.net:/tmp/bar',
                                                'src':'/tmp/foo',
                                                'rsync_path':'"sudo rsync"'}, "wrong args used"
-        assert runner.sudo == True, "sudo was not reset to True" 
+        assert runner.become == True, "sudo was not reset to True"


    def test_synchronize_action_local(self):
--- a/test/units/TestUtils.py
+++ b/test/units/TestUtils.py
@@ -498,7 +498,7 @@ class TestUtils(unittest.TestCase):
        self.assertEqual(len(cmd), 3)
        self.assertTrue('-u root' in cmd[0])
        self.assertTrue('-p "[sudo via ansible, key=' in cmd[0] and cmd[1].startswith('[sudo via ansible, key'))
-        self.assertTrue('echo SUDO-SUCCESS-' in cmd[0] and cmd[2].startswith('SUDO-SUCCESS-'))
+        self.assertTrue('echo BECOME-SUCCESS-' in cmd[0] and cmd[2].startswith('BECOME-SUCCESS-'))
        self.assertTrue('sudo -k' in cmd[0])

    def test_make_su_cmd(self):
@@ -506,7 +506,7 @@ class TestUtils(unittest.TestCase):
        self.assertTrue(isinstance(cmd, tuple))
        self.assertEqual(len(cmd), 3)
        self.assertTrue('root -c "/bin/sh' in cmd[0] or ' root -c /bin/sh' in cmd[0])
-        self.assertTrue('echo SUDO-SUCCESS-' in cmd[0] and cmd[2].startswith('SUDO-SUCCESS-'))
+        self.assertTrue('echo BECOME-SUCCESS-' in cmd[0] and cmd[2].startswith('BECOME-SUCCESS-'))

    def test_to_unicode(self):
        uni = ansible.utils.unicode.to_unicode(u'ansible')