Refactor pbexpect string matches to submit become password

2024-11-02 01:21:21 +03:00 · 2015-04-03 13:57:33 -04:00 · 2015-04-03 13:57:33 -04:00 · b6e9382273
commit b6e9382273
parent 5ff7558cd3
1 changed files with 41 additions and 15 deletions
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@ -713,6 +713,12 @@ class RunJob(BaseTask):
        d[re.compile(r'^SUDO password.*:\s*?$', re.M)] = 'become_password'
        d[re.compile(r'^su password.*:\s*?$', re.M)] = 'become_password'
        d[re.compile(r'^SU password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^PBRUN password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^pbrun password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^PFEXEC password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^pfexec password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^RUNAS password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^runas password.*:\s*?$', re.M)] = 'become_password'                
        d[re.compile(r'^SSH password:\s*?$', re.M)] = 'ssh_password'
        d[re.compile(r'^Password:\s*?$', re.M)] = 'ssh_password'
        d[re.compile(r'^Vault password:\s*?$', re.M)] = 'vault_password'
@ -1173,7 +1179,7 @@ class RunAdHocCommand(BaseTask):
        passwords = super(RunAdHocCommand, self).build_passwords(ad_hoc_command, **kwargs)
        creds = ad_hoc_command.credential
        if creds:
-            for field in ('ssh_key_unlock', 'ssh_password', 'sudo_password', 'su_password'):
+            for field in ('ssh_key_unlock', 'ssh_password', 'become_password'):
                if field == 'ssh_password':
                    value = kwargs.get(field, decrypt_field(creds, 'password'))
                else:
@ -1221,8 +1227,11 @@ class RunAdHocCommand(BaseTask):
        ssh_username, sudo_username, su_username = '', '', ''
        if creds:
            ssh_username = kwargs.get('username', creds.username)
-            sudo_username = kwargs.get('sudo_username', creds.sudo_username)
-            su_username = kwargs.get('su_username', creds.su_username)
+            become_method = kwargs.get('become_method', creds.become_method)
+            become_username = kwargs.get('become_username', creds.become_username)
+        else:
+            become_method = None
+            become_username = ""
        # Always specify the normal SSH user as root by default.  Since this
        # task is normally running in the background under a service account,
        # it doesn't make sense to rely on ansible's default of using the
@ -1238,14 +1247,25 @@ class RunAdHocCommand(BaseTask):
            args.append('--ask-pass')
        # We only specify sudo/su user and password if explicitly given by the
        # credential.  Credential should never specify both sudo and su.
-        if su_username:
-            args.extend(['-R', su_username])
-        if 'su_password' in kwargs.get('passwords', {}):
-            args.append('--ask-su-pass')
-        if sudo_username:
-            args.extend(['-U', sudo_username])
-        if 'sudo_password' in kwargs.get('passwords', {}):
-            args.append('--ask-sudo-pass')
+        try:
+            if Version(kwargs['ansible_version']) < Version('1.9'):
+                if become_method and become_method == "sudo" and become_username != "":
+                    args.extend(['-U', become_username])
+                if become_method and become_method == "sudo" and "become_password" in kwargs.get("passwords", {}):
+                    args.append("--ask-sudo-pass")
+                if become_method and become_method == "su" and become_username != "":
+                    args.extend(['-R', become_username])
+                if become_method and become_method == "su" and "become_password" in kwargs.get("passwords", {}):
+                    args.append("--ask-su-pass")
+            else:
+                if become_method:
+                    args.extend(['--become-method', become_method])
+                if become_username:
+                    args.extend(['--become-user', become_username])
+                if 'become_password' in kwargs.get('passwords', {}):
+                    args.append('--ask-become-pass')
+        except ValueError:
+            pass
        if ad_hoc_command.privilege_escalation == 'sudo':
            args.append('--sudo')
        elif ad_hoc_command.privilege_escalation == 'su':
@ -1276,10 +1296,16 @@ class RunAdHocCommand(BaseTask):
        d = super(RunAdHocCommand, self).get_password_prompts()
        d[re.compile(r'^Enter passphrase for .*:\s*?$', re.M)] = 'ssh_key_unlock'
        d[re.compile(r'^Bad passphrase, try again for .*:\s*?$', re.M)] = ''
-        d[re.compile(r'^sudo password.*:\s*?$', re.M)] = 'sudo_password'
-        d[re.compile(r'^SUDO password.*:\s*?$', re.M)] = 'sudo_password'
-        d[re.compile(r'^su password.*:\s*?$', re.M)] = 'su_password'
-        d[re.compile(r'^SU password.*:\s*?$', re.M)] = 'su_password'
+        d[re.compile(r'^sudo password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^SUDO password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^su password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^SU password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^PBRUN password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^pbrun password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^PFEXEC password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^pfexec password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^RUNAS password.*:\s*?$', re.M)] = 'become_password'
+        d[re.compile(r'^runas password.*:\s*?$', re.M)] = 'become_password'                
        d[re.compile(r'^SSH password:\s*?$', re.M)] = 'ssh_password'
        d[re.compile(r'^Password:\s*?$', re.M)] = 'ssh_password'
        return d