1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-31 23:51:09 +03:00

Fix to only specify sudo user if explicitly given by the credentials, so as not to force the playbook to require sudo privileges to run.

This commit is contained in:
Chris Church 2013-06-17 19:48:09 -04:00
parent 0dbb737f20
commit c9da8294df
2 changed files with 10 additions and 2 deletions

View File

@ -103,8 +103,11 @@ class RunJob(Task):
if creds:
ssh_username = kwargs.get('ssh_username', creds.ssh_username)
sudo_username = kwargs.get('sudo_username', creds.sudo_username)
# Always specify the normal SSH user as root by default. Since this
# task is normally running in the background under a service account,
# it doesn't make sense to rely on ansible-playbook's default of using
# the current user.
ssh_username = ssh_username or 'root'
sudo_username = sudo_username or 'root'
inventory_script = self.get_path_to('management', 'commands',
'acom_inventory.py')
args = ['ansible-playbook', '-i', inventory_script]
@ -113,6 +116,10 @@ class RunJob(Task):
args.extend(['-u', ssh_username])
if 'ssh_password' in kwargs.get('passwords', {}):
args.append('--ask-pass')
# However, we should only specify sudo user if explicitly given by the
# credentials, otherwise, the playbook will be forced to run using
# sudo, which may not always be the desired behavior.
if sudo_username:
args.extend(['-U', sudo_username])
if 'sudo_password' in kwargs.get('passwords', {}):
args.append('--ask-sudo-pass')

View File

@ -192,6 +192,7 @@ class RunJobTest(BaseCeleryTest):
def check_job_result(self, job, expected='successful', expect_stdout=True,
expect_traceback=False):
msg = 'job status is %s, expected %s' % (job.status, expected)
msg = '%s\nargs:\n%s' % (msg, job.job_args)
if job.result_traceback:
msg = '%s\ngot traceback:\n%s' % (msg, job.result_traceback)
if job.result_stdout: