Commit SHA: 87b1cf45 that put temp files in `$HOME/.ansible` instead of `/home/<user>/.ansible` was producing a directory literally called `$HOME` (no expansion) with non-sudo remote execution. I'll take the blame for this one, as `ParamikoConnection.exec_command()` was not using the shell for non-sudo commands. This does sudo and non-sudo execution the same way, using the shell, so environment variables should get expanded.
The basic idea is sudo /bin/sh -c 'quoted_command'. We use Paramiko's low-level API to set a timeout, get a pseudo tty, execute sudo and the (shell quoted) command atomically, wait just until sudo is ready to accept the password before sending it down the pipe, and then return the command's stdout and stderr.
This should be faster, as there are no unneeded sleeps. There are no permissions issues reading the output. It will raise socket.timeout if the command takes too long. However, this is a per-read timeout, not a total execution timeout, so as long as the command is writing output and you are reading it, it will not time out.
Local and non-sudo commands remain unchanged, but should probably adopt a similar approach.
Since this is a significant change, it needs a lot of testing. Also, someone smarter than I should double-check the quoting and execution, since it is a security issue.
Merge the SortedOptParser bits and debug attribute commits into
localconnection.
Conflicts:
bin/ansible
lib/ansible/playbook.py
lib/ansible/runner.py
lib/ansible/utils.py
This creates a LocalConnection class for the case when operating on the
localhost. If the host, argument to Connection.connect(), matches
127.0.0.1, localhost, or the name of the host as returned by
os.uname()[1], Connection.connect() will opt to use LocalConnection
instead of ParamikoConnection. LocalConnection implements connect(),
exec_command(), put_file(), and close().