a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

normalize docs in become plugins (#9452) 

* normalize docs in become plugins

Normalize doc blocks for plugins

* adjustments
pull/9431/head
Alexei Znamensky 2024-12-30 08:23:59 +13:00 committed by GitHub
parent 0bbc3eccd9
commit 29e3226718
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 706 additions and 706 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
plugins/become/doas.py
View File

@ -5,86 +5,86 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = ''' DOCUMENTATION = r"""
name: doas name: doas
short_description: Do As user short_description: Do As user
description:
- This become plugins allows your remote/login user to execute commands as another user using the C(doas) utility.
author: Ansible Core Team
options:
become_user:
description: User you 'become' to execute the task.
type: string
ini:
- section: privilege_escalation
key: become_user
- section: doas_become_plugin
key: user
vars:
- name: ansible_become_user
- name: ansible_doas_user
env:
- name: ANSIBLE_BECOME_USER
- name: ANSIBLE_DOAS_USER
become_exe:
description: C(doas) executable.
type: string
default: doas
ini:
- section: privilege_escalation
key: become_exe
- section: doas_become_plugin
key: executable
vars:
- name: ansible_become_exe
- name: ansible_doas_exe
env:
- name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_DOAS_EXE
become_flags:
description: Options to pass to C(doas).
type: string
default: ''
ini:
- section: privilege_escalation
key: become_flags
- section: doas_become_plugin
key: flags
vars:
- name: ansible_become_flags
- name: ansible_doas_flags
env:
- name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_DOAS_FLAGS
become_pass:
description: Password for C(doas) prompt.
type: string
required: false
vars:
- name: ansible_become_password
- name: ansible_become_pass
- name: ansible_doas_pass
env:
- name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_DOAS_PASS
ini:
- section: doas_become_plugin
key: password
prompt_l10n:
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the doas utility. - List of localized strings to match for prompt detection.
author: Ansible Core Team - If empty we will use the built in one.
options: type: list
become_user: elements: string
description: User you 'become' to execute the task. default: []
type: string ini:
ini: - section: doas_become_plugin
- section: privilege_escalation key: localized_prompts
key: become_user vars:
- section: doas_become_plugin - name: ansible_doas_prompt_l10n
key: user env:
vars: - name: ANSIBLE_DOAS_PROMPT_L10N
- name: ansible_become_user """
- name: ansible_doas_user
env:
- name: ANSIBLE_BECOME_USER
- name: ANSIBLE_DOAS_USER
become_exe:
description: Doas executable.
type: string
default: doas
ini:
- section: privilege_escalation
key: become_exe
- section: doas_become_plugin
key: executable
vars:
- name: ansible_become_exe
- name: ansible_doas_exe
env:
- name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_DOAS_EXE
become_flags:
description: Options to pass to doas.
type: string
default: ''
ini:
- section: privilege_escalation
key: become_flags
- section: doas_become_plugin
key: flags
vars:
- name: ansible_become_flags
- name: ansible_doas_flags
env:
- name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_DOAS_FLAGS
become_pass:
description: Password for doas prompt.
type: string
required: false
vars:
- name: ansible_become_password
- name: ansible_become_pass
- name: ansible_doas_pass
env:
- name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_DOAS_PASS
ini:
- section: doas_become_plugin
key: password
prompt_l10n:
description:
- List of localized strings to match for prompt detection.
- If empty we will use the built in one.
type: list
elements: string
default: []
ini:
- section: doas_become_plugin
key: localized_prompts
vars:
- name: ansible_doas_prompt_l10n
env:
- name: ANSIBLE_DOAS_PROMPT_L10N
'''
import re import re

132
plugins/become/dzdo.py
View File

@ -5,72 +5,72 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = ''' DOCUMENTATION = r"""
name: dzdo name: dzdo
short_description: Centrify's Direct Authorize short_description: Centrify's Direct Authorize
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the dzdo utility. - This become plugins allows your remote/login user to execute commands as another user using the C(dzdo) utility.
author: Ansible Core Team author: Ansible Core Team
options: options:
become_user: become_user:
description: User you 'become' to execute the task. description: User you 'become' to execute the task.
type: string type: string
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_user key: become_user
- section: dzdo_become_plugin - section: dzdo_become_plugin
key: user key: user
vars: vars:
- name: ansible_become_user - name: ansible_become_user
- name: ansible_dzdo_user - name: ansible_dzdo_user
env: env:
- name: ANSIBLE_BECOME_USER - name: ANSIBLE_BECOME_USER
- name: ANSIBLE_DZDO_USER - name: ANSIBLE_DZDO_USER
become_exe: become_exe:
description: Dzdo executable. description: C(dzdo) executable.
type: string type: string
default: dzdo default: dzdo
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_exe key: become_exe
- section: dzdo_become_plugin - section: dzdo_become_plugin
key: executable key: executable
vars: vars:
- name: ansible_become_exe - name: ansible_become_exe
- name: ansible_dzdo_exe - name: ansible_dzdo_exe
env: env:
- name: ANSIBLE_BECOME_EXE - name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_DZDO_EXE - name: ANSIBLE_DZDO_EXE
become_flags: become_flags:
description: Options to pass to dzdo. description: Options to pass to C(dzdo).
type: string type: string
default: -H -S -n default: -H -S -n
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_flags key: become_flags
- section: dzdo_become_plugin - section: dzdo_become_plugin
key: flags key: flags
vars: vars:
- name: ansible_become_flags - name: ansible_become_flags
- name: ansible_dzdo_flags - name: ansible_dzdo_flags
env: env:
- name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_DZDO_FLAGS - name: ANSIBLE_DZDO_FLAGS
become_pass: become_pass:
description: Options to pass to dzdo. description: Options to pass to C(dzdo).
type: string type: string
required: false required: false
vars: vars:
- name: ansible_become_password - name: ansible_become_password
- name: ansible_become_pass - name: ansible_become_pass
- name: ansible_dzdo_pass - name: ansible_dzdo_pass
env: env:
- name: ANSIBLE_BECOME_PASS - name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_DZDO_PASS - name: ANSIBLE_DZDO_PASS
ini: ini:
- section: dzdo_become_plugin - section: dzdo_become_plugin
key: password key: password
''' """
from ansible.plugins.become import BecomeBase from ansible.plugins.become import BecomeBase

160
plugins/become/ksu.py
View File

@ -5,87 +5,87 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = ''' DOCUMENTATION = r"""
name: ksu name: ksu
short_description: Kerberos substitute user short_description: Kerberos substitute user
description:
- This become plugins allows your remote/login user to execute commands as another user using the C(ksu) utility.
author: Ansible Core Team
options:
become_user:
description: User you 'become' to execute the task.
type: string
ini:
- section: privilege_escalation
key: become_user
- section: ksu_become_plugin
key: user
vars:
- name: ansible_become_user
- name: ansible_ksu_user
env:
- name: ANSIBLE_BECOME_USER
- name: ANSIBLE_KSU_USER
required: true
become_exe:
description: C(ksu) executable.
type: string
default: ksu
ini:
- section: privilege_escalation
key: become_exe
- section: ksu_become_plugin
key: executable
vars:
- name: ansible_become_exe
- name: ansible_ksu_exe
env:
- name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_KSU_EXE
become_flags:
description: Options to pass to C(ksu).
type: string
default: ''
ini:
- section: privilege_escalation
key: become_flags
- section: ksu_become_plugin
key: flags
vars:
- name: ansible_become_flags
- name: ansible_ksu_flags
env:
- name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_KSU_FLAGS
become_pass:
description: C(ksu) password.
type: string
required: false
vars:
- name: ansible_ksu_pass
- name: ansible_become_pass
- name: ansible_become_password
env:
- name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_KSU_PASS
ini:
- section: ksu_become_plugin
key: password
prompt_l10n:
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the ksu utility. - List of localized strings to match for prompt detection.
author: Ansible Core Team - If empty we will use the built in one.
options: type: list
become_user: elements: string
description: User you 'become' to execute the task. default: []
type: string ini:
ini: - section: ksu_become_plugin
- section: privilege_escalation key: localized_prompts
key: become_user vars:
- section: ksu_become_plugin - name: ansible_ksu_prompt_l10n
key: user env:
vars: - name: ANSIBLE_KSU_PROMPT_L10N
- name: ansible_become_user """
- name: ansible_ksu_user
env:
- name: ANSIBLE_BECOME_USER
- name: ANSIBLE_KSU_USER
required: true
become_exe:
description: Su executable.
type: string
default: ksu
ini:
- section: privilege_escalation
key: become_exe
- section: ksu_become_plugin
key: executable
vars:
- name: ansible_become_exe
- name: ansible_ksu_exe
env:
- name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_KSU_EXE
become_flags:
description: Options to pass to ksu.
type: string
default: ''
ini:
- section: privilege_escalation
key: become_flags
- section: ksu_become_plugin
key: flags
vars:
- name: ansible_become_flags
- name: ansible_ksu_flags
env:
- name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_KSU_FLAGS
become_pass:
description: Ksu password.
type: string
required: false
vars:
- name: ansible_ksu_pass
- name: ansible_become_pass
- name: ansible_become_password
env:
- name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_KSU_PASS
ini:
- section: ksu_become_plugin
key: password
prompt_l10n:
description:
- List of localized strings to match for prompt detection.
- If empty we will use the built in one.
type: list
elements: string
default: []
ini:
- section: ksu_become_plugin
key: localized_prompts
vars:
- name: ansible_ksu_prompt_l10n
env:
- name: ANSIBLE_KSU_PROMPT_L10N
'''
import re import re

151
plugins/become/machinectl.py
View File

@ -5,91 +5,90 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = ''' DOCUMENTATION = r"""
name: machinectl name: machinectl
short_description: Systemd's machinectl privilege escalation short_description: Systemd's machinectl privilege escalation
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the machinectl utility. - This become plugins allows your remote/login user to execute commands as another user using the C(machinectl) utility.
author: Ansible Core Team author: Ansible Core Team
options: options:
become_user: become_user:
description: User you 'become' to execute the task. description: User you 'become' to execute the task.
type: string type: string
default: '' default: ''
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_user key: become_user
- section: machinectl_become_plugin - section: machinectl_become_plugin
key: user key: user
vars: vars:
- name: ansible_become_user - name: ansible_become_user
- name: ansible_machinectl_user - name: ansible_machinectl_user
env: env:
- name: ANSIBLE_BECOME_USER - name: ANSIBLE_BECOME_USER
- name: ANSIBLE_MACHINECTL_USER - name: ANSIBLE_MACHINECTL_USER
become_exe: become_exe:
description: Machinectl executable. description: C(machinectl) executable.
type: string type: string
default: machinectl default: machinectl
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_exe key: become_exe
- section: machinectl_become_plugin - section: machinectl_become_plugin
key: executable key: executable
vars: vars:
- name: ansible_become_exe - name: ansible_become_exe
- name: ansible_machinectl_exe - name: ansible_machinectl_exe
env: env:
- name: ANSIBLE_BECOME_EXE - name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_MACHINECTL_EXE - name: ANSIBLE_MACHINECTL_EXE
become_flags: become_flags:
description: Options to pass to machinectl. description: Options to pass to C(machinectl).
type: string type: string
default: '' default: ''
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_flags key: become_flags
- section: machinectl_become_plugin - section: machinectl_become_plugin
key: flags key: flags
vars: vars:
- name: ansible_become_flags - name: ansible_become_flags
- name: ansible_machinectl_flags - name: ansible_machinectl_flags
env: env:
- name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_MACHINECTL_FLAGS - name: ANSIBLE_MACHINECTL_FLAGS
become_pass: become_pass:
description: Password for machinectl. description: Password for C(machinectl).
type: string type: string
required: false required: false
vars: vars:
- name: ansible_become_password - name: ansible_become_password
- name: ansible_become_pass - name: ansible_become_pass
- name: ansible_machinectl_pass - name: ansible_machinectl_pass
env: env:
- name: ANSIBLE_BECOME_PASS - name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_MACHINECTL_PASS - name: ANSIBLE_MACHINECTL_PASS
ini: ini:
- section: machinectl_become_plugin - section: machinectl_become_plugin
key: password key: password
notes: notes:
- When not using this plugin with user V(root), it only works correctly with a polkit rule which will alter - When not using this plugin with user V(root), it only works correctly with a polkit rule which will alter the behaviour
the behaviour of machinectl. This rule must alter the prompt behaviour to ask directly for the user credentials, of machinectl. This rule must alter the prompt behaviour to ask directly for the user credentials, if the user is allowed
if the user is allowed to perform the action (take a look at the examples section). to perform the action (take a look at the examples section). If such a rule is not present the plugin only work if it
If such a rule is not present the plugin only work if it is used in context with the root user, is used in context with the root user, because then no further prompt will be shown by machinectl.
because then no further prompt will be shown by machinectl. """
'''
EXAMPLES = r''' EXAMPLES = r"""
# A polkit rule needed to use the module with a non-root user. # A polkit rule needed to use the module with a non-root user.
# See the Notes section for details. # See the Notes section for details.
/etc/polkit-1/rules.d/60-machinectl-fast-user-auth.rules: | /etc/polkit-1/rules.d/60-machinectl-fast-user-auth.rules: |-
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if(action.id == "org.freedesktop.machine1.host-shell" && if(action.id == "org.freedesktop.machine1.host-shell" &&
subject.isInGroup("wheel")) { subject.isInGroup("wheel")) {
return polkit.Result.AUTH_SELF_KEEP; return polkit.Result.AUTH_SELF_KEEP;
} }
}); });
''' """
from re import compile as re_compile from re import compile as re_compile

156
plugins/become/pbrun.py
View File

@ -5,84 +5,84 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = ''' DOCUMENTATION = r"""
name: pbrun name: pbrun
short_description: PowerBroker run short_description: PowerBroker run
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the pbrun utility. - This become plugins allows your remote/login user to execute commands as another user using the C(pbrun) utility.
author: Ansible Core Team author: Ansible Core Team
options: options:
become_user: become_user:
description: User you 'become' to execute the task. description: User you 'become' to execute the task.
type: string type: string
default: '' default: ''
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_user key: become_user
- section: pbrun_become_plugin - section: pbrun_become_plugin
key: user key: user
vars: vars:
- name: ansible_become_user - name: ansible_become_user
- name: ansible_pbrun_user - name: ansible_pbrun_user
env: env:
- name: ANSIBLE_BECOME_USER - name: ANSIBLE_BECOME_USER
- name: ANSIBLE_PBRUN_USER - name: ANSIBLE_PBRUN_USER
become_exe: become_exe:
description: Sudo executable. description: C(pbrun) executable.
type: string type: string
default: pbrun default: pbrun
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_exe key: become_exe
- section: pbrun_become_plugin - section: pbrun_become_plugin
key: executable key: executable
vars: vars:
- name: ansible_become_exe - name: ansible_become_exe
- name: ansible_pbrun_exe - name: ansible_pbrun_exe
env: env:
- name: ANSIBLE_BECOME_EXE - name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_PBRUN_EXE - name: ANSIBLE_PBRUN_EXE
become_flags: become_flags:
description: Options to pass to pbrun. description: Options to pass to C(pbrun).
type: string type: string
default: '' default: ''
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_flags key: become_flags
- section: pbrun_become_plugin - section: pbrun_become_plugin
key: flags key: flags
vars: vars:
- name: ansible_become_flags - name: ansible_become_flags
- name: ansible_pbrun_flags - name: ansible_pbrun_flags
env: env:
- name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_PBRUN_FLAGS - name: ANSIBLE_PBRUN_FLAGS
become_pass: become_pass:
description: Password for pbrun. description: Password for C(pbrun).
type: string type: string
required: false required: false
vars: vars:
- name: ansible_become_password - name: ansible_become_password
- name: ansible_become_pass - name: ansible_become_pass
- name: ansible_pbrun_pass - name: ansible_pbrun_pass
env: env:
- name: ANSIBLE_BECOME_PASS - name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_PBRUN_PASS - name: ANSIBLE_PBRUN_PASS
ini: ini:
- section: pbrun_become_plugin - section: pbrun_become_plugin
key: password key: password
wrap_exe: wrap_exe:
description: Toggle to wrap the command pbrun calls in C(shell -c) or not. description: Toggle to wrap the command C(pbrun) calls in C(shell -c) or not.
default: false default: false
type: bool type: bool
ini: ini:
- section: pbrun_become_plugin - section: pbrun_become_plugin
key: wrap_execution key: wrap_execution
vars: vars:
- name: ansible_pbrun_wrap_execution - name: ansible_pbrun_wrap_execution
env: env:
- name: ANSIBLE_PBRUN_WRAP_EXECUTION - name: ANSIBLE_PBRUN_WRAP_EXECUTION
''' """
from ansible.plugins.become import BecomeBase from ansible.plugins.become import BecomeBase

164
plugins/become/pfexec.py
View File

@ -5,89 +5,89 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = ''' DOCUMENTATION = r"""
name: pfexec name: pfexec
short_description: profile based execution short_description: profile based execution
description:
- This become plugins allows your remote/login user to execute commands as another user using the C(pfexec) utility.
author: Ansible Core Team
options:
become_user:
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the pfexec utility. - User you 'become' to execute the task.
author: Ansible Core Team - This plugin ignores this setting as pfexec uses its own C(exec_attr) to figure this out, but it is supplied here
options: for Ansible to make decisions needed for the task execution, like file permissions.
become_user: type: string
description: default: root
- User you 'become' to execute the task. ini:
- This plugin ignores this setting as pfexec uses its own C(exec_attr) to figure this out, - section: privilege_escalation
but it is supplied here for Ansible to make decisions needed for the task execution, like file permissions. key: become_user
type: string - section: pfexec_become_plugin
default: root key: user
ini: vars:
- section: privilege_escalation - name: ansible_become_user
key: become_user - name: ansible_pfexec_user
- section: pfexec_become_plugin env:
key: user - name: ANSIBLE_BECOME_USER
vars: - name: ANSIBLE_PFEXEC_USER
- name: ansible_become_user become_exe:
- name: ansible_pfexec_user description: C(pfexec) executable.
env: type: string
- name: ANSIBLE_BECOME_USER default: pfexec
- name: ANSIBLE_PFEXEC_USER ini:
become_exe: - section: privilege_escalation
description: Sudo executable. key: become_exe
type: string - section: pfexec_become_plugin
default: pfexec key: executable
ini: vars:
- section: privilege_escalation - name: ansible_become_exe
key: become_exe - name: ansible_pfexec_exe
- section: pfexec_become_plugin env:
key: executable - name: ANSIBLE_BECOME_EXE
vars: - name: ANSIBLE_PFEXEC_EXE
- name: ansible_become_exe become_flags:
- name: ansible_pfexec_exe description: Options to pass to C(pfexec).
env: type: string
- name: ANSIBLE_BECOME_EXE default: -H -S -n
- name: ANSIBLE_PFEXEC_EXE ini:
become_flags: - section: privilege_escalation
description: Options to pass to pfexec. key: become_flags
type: string - section: pfexec_become_plugin
default: -H -S -n key: flags
ini: vars:
- section: privilege_escalation - name: ansible_become_flags
key: become_flags - name: ansible_pfexec_flags
- section: pfexec_become_plugin env:
key: flags - name: ANSIBLE_BECOME_FLAGS
vars: - name: ANSIBLE_PFEXEC_FLAGS
- name: ansible_become_flags become_pass:
- name: ansible_pfexec_flags description: C(pfexec) password.
env: type: string
- name: ANSIBLE_BECOME_FLAGS required: false
- name: ANSIBLE_PFEXEC_FLAGS vars:
become_pass: - name: ansible_become_password
description: pfexec password. - name: ansible_become_pass
type: string - name: ansible_pfexec_pass
required: false env:
vars: - name: ANSIBLE_BECOME_PASS
- name: ansible_become_password - name: ANSIBLE_PFEXEC_PASS
- name: ansible_become_pass ini:
- name: ansible_pfexec_pass - section: pfexec_become_plugin
env: key: password
- name: ANSIBLE_BECOME_PASS wrap_exe:
- name: ANSIBLE_PFEXEC_PASS description: Toggle to wrap the command C(pfexec) calls in C(shell -c) or not.
ini: default: false
- section: pfexec_become_plugin type: bool
key: password ini:
wrap_exe: - section: pfexec_become_plugin
description: Toggle to wrap the command pfexec calls in C(shell -c) or not. key: wrap_execution
default: false vars:
type: bool - name: ansible_pfexec_wrap_execution
ini: env:
- section: pfexec_become_plugin - name: ANSIBLE_PFEXEC_WRAP_EXECUTION
key: wrap_execution notes:
vars: - This plugin ignores O(become_user) as pfexec uses its own C(exec_attr) to figure this out.
- name: ansible_pfexec_wrap_execution """
env:
- name: ANSIBLE_PFEXEC_WRAP_EXECUTION
notes:
- This plugin ignores O(become_user) as pfexec uses its own C(exec_attr) to figure this out.
'''
from ansible.plugins.become import BecomeBase from ansible.plugins.become import BecomeBase

108
plugins/become/pmrun.py
View File

@ -5,60 +5,60 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = ''' DOCUMENTATION = r"""
name: pmrun name: pmrun
short_description: Privilege Manager run short_description: Privilege Manager run
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the pmrun utility. - This become plugins allows your remote/login user to execute commands as another user using the C(pmrun) utility.
author: Ansible Core Team author: Ansible Core Team
options: options:
become_exe: become_exe:
description: Sudo executable description: C(pmrun) executable.
type: string type: string
default: pmrun default: pmrun
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_exe key: become_exe
- section: pmrun_become_plugin - section: pmrun_become_plugin
key: executable key: executable
vars: vars:
- name: ansible_become_exe - name: ansible_become_exe
- name: ansible_pmrun_exe - name: ansible_pmrun_exe
env: env:
- name: ANSIBLE_BECOME_EXE - name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_PMRUN_EXE - name: ANSIBLE_PMRUN_EXE
become_flags: become_flags:
description: Options to pass to pmrun. description: Options to pass to C(pmrun).
type: string type: string
default: '' default: ''
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_flags key: become_flags
- section: pmrun_become_plugin - section: pmrun_become_plugin
key: flags key: flags
vars: vars:
- name: ansible_become_flags - name: ansible_become_flags
- name: ansible_pmrun_flags - name: ansible_pmrun_flags
env: env:
- name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_PMRUN_FLAGS - name: ANSIBLE_PMRUN_FLAGS
become_pass: become_pass:
description: pmrun password. description: C(pmrun) password.
type: string type: string
required: false required: false
vars: vars:
- name: ansible_become_password - name: ansible_become_password
- name: ansible_become_pass - name: ansible_become_pass
- name: ansible_pmrun_pass - name: ansible_pmrun_pass
env: env:
- name: ANSIBLE_BECOME_PASS - name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_PMRUN_PASS - name: ANSIBLE_PMRUN_PASS
ini: ini:
- section: pmrun_become_plugin - section: pmrun_become_plugin
key: password key: password
notes: notes:
- This plugin ignores the become_user supplied and uses pmrun's own configuration to select the user. - This plugin ignores the C(become_user) supplied and uses C(pmrun)'s own configuration to select the user.
''' """
from ansible.plugins.become import BecomeBase from ansible.plugins.become import BecomeBase
from ansible.module_utils.six.moves import shlex_quote from ansible.module_utils.six.moves import shlex_quote

114
plugins/become/run0.py
View File

@ -7,68 +7,68 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = """ DOCUMENTATION = r"""
name: run0 name: run0
short_description: Systemd's run0 short_description: Systemd's run0
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the C(run0) utility. - This become plugins allows your remote/login user to execute commands as another user using the C(run0) utility.
author: author:
- Thomas Sjögren (@konstruktoid) - Thomas Sjögren (@konstruktoid)
version_added: '9.0.0' version_added: '9.0.0'
options: options:
become_user: become_user:
description: User you 'become' to execute the task. description: User you 'become' to execute the task.
default: root default: root
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_user key: become_user
- section: run0_become_plugin - section: run0_become_plugin
key: user key: user
vars: vars:
- name: ansible_become_user - name: ansible_become_user
- name: ansible_run0_user - name: ansible_run0_user
env: env:
- name: ANSIBLE_BECOME_USER - name: ANSIBLE_BECOME_USER
- name: ANSIBLE_RUN0_USER - name: ANSIBLE_RUN0_USER
type: string type: string
become_exe: become_exe:
description: The C(run0) executable. description: C(run0) executable.
default: run0 default: run0
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_exe key: become_exe
- section: run0_become_plugin - section: run0_become_plugin
key: executable key: executable
vars: vars:
- name: ansible_become_exe - name: ansible_become_exe
- name: ansible_run0_exe - name: ansible_run0_exe
env: env:
- name: ANSIBLE_BECOME_EXE - name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_RUN0_EXE - name: ANSIBLE_RUN0_EXE
type: string type: string
become_flags: become_flags:
description: Options to pass to run0. description: Options to pass to C(run0).
default: '' default: ''
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_flags key: become_flags
- section: run0_become_plugin - section: run0_become_plugin
key: flags key: flags
vars: vars:
- name: ansible_become_flags - name: ansible_become_flags
- name: ansible_run0_flags - name: ansible_run0_flags
env: env:
- name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_RUN0_FLAGS - name: ANSIBLE_RUN0_FLAGS
type: string type: string
notes: notes:
- This plugin will only work when a polkit rule is in place. - This plugin will only work when a C(polkit) rule is in place.
""" """
EXAMPLES = r""" EXAMPLES = r"""
# An example polkit rule that allows the user 'ansible' in the 'wheel' group # An example polkit rule that allows the user 'ansible' in the 'wheel' group
# to execute commands using run0 without authentication. # to execute commands using run0 without authentication.
/etc/polkit-1/rules.d/60-run0-fast-user-auth.rules: | /etc/polkit-1/rules.d/60-run0-fast-user-auth.rules: |-
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if(action.id == "org.freedesktop.systemd1.manage-units" && if(action.id == "org.freedesktop.systemd1.manage-units" &&
subject.isInGroup("wheel") && subject.isInGroup("wheel") &&

134
plugins/become/sesu.py
View File

@ -5,73 +5,73 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = ''' DOCUMENTATION = r"""
name: sesu name: sesu
short_description: CA Privileged Access Manager short_description: CA Privileged Access Manager
description: description:
- This become plugins allows your remote/login user to execute commands as another user via the sesu utility. - This become plugins allows your remote/login user to execute commands as another user using the C(sesu) utility.
author: ansible (@nekonyuu) author: ansible (@nekonyuu)
options: options:
become_user: become_user:
description: User you 'become' to execute the task. description: User you 'become' to execute the task.
type: string type: string
default: '' default: ''
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_user key: become_user
- section: sesu_become_plugin - section: sesu_become_plugin
key: user key: user
vars: vars:
- name: ansible_become_user - name: ansible_become_user
- name: ansible_sesu_user - name: ansible_sesu_user
env: env:
- name: ANSIBLE_BECOME_USER - name: ANSIBLE_BECOME_USER
- name: ANSIBLE_SESU_USER - name: ANSIBLE_SESU_USER
become_exe: become_exe:
description: sesu executable. description: C(sesu) executable.
type: string type: string
default: sesu default: sesu
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_exe key: become_exe
- section: sesu_become_plugin - section: sesu_become_plugin
key: executable key: executable
vars: vars:
- name: ansible_become_exe - name: ansible_become_exe
- name: ansible_sesu_exe - name: ansible_sesu_exe
env: env:
- name: ANSIBLE_BECOME_EXE - name: ANSIBLE_BECOME_EXE
- name: ANSIBLE_SESU_EXE - name: ANSIBLE_SESU_EXE
become_flags: become_flags:
description: Options to pass to sesu. description: Options to pass to C(sesu).
type: string type: string
default: -H -S -n default: -H -S -n
ini: ini:
- section: privilege_escalation - section: privilege_escalation
key: become_flags key: become_flags
- section: sesu_become_plugin - section: sesu_become_plugin
key: flags key: flags
vars: vars:
- name: ansible_become_flags - name: ansible_become_flags
- name: ansible_sesu_flags - name: ansible_sesu_flags
env: env:
- name: ANSIBLE_BECOME_FLAGS - name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_SESU_FLAGS - name: ANSIBLE_SESU_FLAGS
become_pass: become_pass:
description: Password to pass to sesu. description: Password to pass to C(sesu).
type: string type: string
required: false required: false
vars: vars:
- name: ansible_become_password - name: ansible_become_password
- name: ansible_become_pass - name: ansible_become_pass
- name: ansible_sesu_pass - name: ansible_sesu_pass
env: env:
- name: ANSIBLE_BECOME_PASS - name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_SESU_PASS - name: ANSIBLE_SESU_PASS
ini: ini:
- section: sesu_become_plugin - section: sesu_become_plugin
key: password key: password
''' """
from ansible.plugins.become import BecomeBase from ansible.plugins.become import BecomeBase

135
plugins/become/sudosu.py
View File

@ -5,74 +5,75 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
DOCUMENTATION = """ DOCUMENTATION = r"""
name: sudosu name: sudosu
short_description: Run tasks using sudo su - short_description: Run tasks using sudo su -
description:
- This become plugin allows your remote/login user to execute commands as another user using the C(sudo) and C(su) utilities
combined.
author:
- Dag Wieers (@dagwieers)
version_added: 2.4.0
options:
become_user:
description: User you 'become' to execute the task.
type: string
default: root
ini:
- section: privilege_escalation
key: become_user
- section: sudo_become_plugin
key: user
vars:
- name: ansible_become_user
- name: ansible_sudo_user
env:
- name: ANSIBLE_BECOME_USER
- name: ANSIBLE_SUDO_USER
become_flags:
description: Options to pass to C(sudo).
type: string
default: -H -S -n
ini:
- section: privilege_escalation
key: become_flags
- section: sudo_become_plugin
key: flags
vars:
- name: ansible_become_flags
- name: ansible_sudo_flags
env:
- name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_SUDO_FLAGS
become_pass:
description: Password to pass to C(sudo).
type: string
required: false
vars:
- name: ansible_become_password
- name: ansible_become_pass
- name: ansible_sudo_pass
env:
- name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_SUDO_PASS
ini:
- section: sudo_become_plugin
key: password
alt_method:
description: description:
- This become plugin allows your remote/login user to execute commands as another user via the C(sudo) and C(su) utilities combined. - Whether to use an alternative method to call C(su). Instead of running C(su -l user /path/to/shell -c command), it
author: runs C(su -l user -c command).
- Dag Wieers (@dagwieers) - Use this when the default one is not working on your system.
version_added: 2.4.0 required: false
options: type: boolean
become_user: ini:
description: User you 'become' to execute the task. - section: community.general.sudosu
type: string key: alternative_method
default: root vars:
ini: - name: ansible_sudosu_alt_method
- section: privilege_escalation env:
key: become_user - name: ANSIBLE_SUDOSU_ALT_METHOD
- section: sudo_become_plugin version_added: 9.2.0
key: user
vars:
- name: ansible_become_user
- name: ansible_sudo_user
env:
- name: ANSIBLE_BECOME_USER
- name: ANSIBLE_SUDO_USER
become_flags:
description: Options to pass to C(sudo).
type: string
default: -H -S -n
ini:
- section: privilege_escalation
key: become_flags
- section: sudo_become_plugin
key: flags
vars:
- name: ansible_become_flags
- name: ansible_sudo_flags
env:
- name: ANSIBLE_BECOME_FLAGS
- name: ANSIBLE_SUDO_FLAGS
become_pass:
description: Password to pass to C(sudo).
type: string
required: false
vars:
- name: ansible_become_password
- name: ansible_become_pass
- name: ansible_sudo_pass
env:
- name: ANSIBLE_BECOME_PASS
- name: ANSIBLE_SUDO_PASS
ini:
- section: sudo_become_plugin
key: password
alt_method:
description:
- Whether to use an alternative method to call C(su). Instead of running C(su -l user /path/to/shell -c command),
it runs C(su -l user -c command).
- Use this when the default one is not working on your system.
required: false
type: boolean
ini:
- section: community.general.sudosu
key: alternative_method
vars:
- name: ansible_sudosu_alt_method
env:
- name: ANSIBLE_SUDOSU_ALT_METHOD
version_added: 9.2.0
""" """