synchronize: fix to honor become_user when become_method sudo
SUMMARY
When become_method is sudo, the synchronize module ignores become_user, always running as root. This means one cannot create files as a target user, when they need to get in via a third user and can only sudo via that one. In my case, I'm connecting via a special provisioning user that has sudo privs, but I need to create the files as the become_user. I'm using it to deposit skeleton files, and there should be no reason to run another task with chown; after all, the documentation already describes the desired behavior:
The user and permissions for the synchronize dest are those of the remote_user on the destination host or the become_user if become=yes is active.
This patch takes the running become_user (if it's not None) and adds it to the sudo command with the -u command line option, so the file gets created correctly. I have tested this and it works.
Other become_methods are ignored, but they already were anyways (the code already has a TODO to add other methods, which we don't attempt in this patch)
Fixes#186
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
synchronize
ADDITIONAL INFORMATION
See reproduction in #186.
This appears to have been in place since ansible/ansible@811a906
Reviewed-by: Amin Vakil <info@aminvakil.com>
Reviewed-by: Sumit Jaiswal <sjaiswal@redhat.com>
Restructure integration tests for authorized_key module
SUMMARY
Split the large tasks/main.yml in integration tests to each function block and use import_tasks to import for them.
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
tests/integration/targets/authorized_key/
ADDITIONAL INFORMATION
None
* Address the issue #28
* Modified behavior to set noauto option if boot is 'no' on Linux system
* Modified integration test to use filesize module instead of dd
Signed-off-by: Hideki Saito <saito@fgrep.org>
The synchronize action plugin has a built-in list of connection
plugins that it knows how to handle.
One of those connection plugins is the docker connection plugin. And
because the docker content has been moved around quite a lot, the
docker connection plugin has quite a few names:
- docker in Ansible 2.9,
- community.general.docker for community.general < 2.0.0, and
- community.docker.docker since a few months ago.
And while the synchronize module already knew about the first two
names, the last one was still missing. This commit fixes that omission
and adds a third name into the mix.
* firewalld: add zone target set
Fixes https://github.com/ansible/ansible/issues/49232
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix sanity tests, add example of zone target setting
Signed-off-by: Adam Miller <admiller@redhat.com>
* test different zone/target combination as we're not hitting default settings
Signed-off-by: Adam Miller <admiller@redhat.com>
* fix enabled values for zone operations
Signed-off-by: Adam Miller <admiller@redhat.com>
* Apply suggestions from code review
Co-authored-by: Felix Fontein <felix@fontein.de>
Co-authored-by: Felix Fontein <felix@fontein.de>
