Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] [2.8] connection/docker: add support for privilege escalation #56277

Merged
merged 2 commits into from May 21, 2019

Conversation

Projects
None yet
4 participants
@felixfontein
Copy link
Contributor

commented May 9, 2019

SUMMARY

Backport of #55816 and #56288 to stable-2.8. Fixes privilege escalation for docker connection plugin if a passphrase is required.

CC @larsks

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

lib/ansible/plugins/connection/docker.py

connection/docker: add privilege escalation support (#55816)
As described in #53385 (and #31759), the docker connection driver did
not support privilege escalation. This commit is a shameless
cut-and-paste of the privilege escalation support from the `local`
connection plugin into the `docker` plugin.

Closes: #53385
(cherry picked from commit 61e476b)
@ansibot

This comment has been minimized.

@felixfontein felixfontein changed the title [2.8] connection/docker: add support for privilege escalation [WIP] [2.8] connection/docker: add support for privilege escalation May 9, 2019

@ansibot ansibot added the WIP label May 9, 2019

for key, event in events:
if key.fileobj == p.stdout:
chunk = p.stdout.read()
break

This comment has been minimized.

Copy link
@felixfontein

felixfontein May 9, 2019

Author Contributor

I don't think this break should be there (and I guess I missed it in the original PR). It's not in local.py, either. @larsks where does it come from?

This comment has been minimized.

Copy link
@larsks

larsks May 9, 2019

Contributor

Huh, I haven't the foggiest idea. I didn't do any editing of that content that I recall. Funny that it works. I guess we submit a patch and fix it in the backports? Funny that everything still works. I wish this was all handled in one place...

This comment has been minimized.

Copy link
@felixfontein

felixfontein May 10, 2019

Author Contributor

I've created #56288 and will include it in this backport once it is merged.

Your stable-2.7 does not have this code included though...

@ansibot ansibot added the stale_ci label May 18, 2019

docker connection plugin: make privilege escalation code more similar…
… to local.py (#56288)

* Make more similar to local.py

* Fix typo.

(cherry picked from commit 708bda0)

@ansibot ansibot removed the stale_ci label May 19, 2019

@abadger abadger merged commit 3fbe6e9 into ansible:stable-2.8 May 21, 2019

1 check passed

Shippable Run 123508 status is SUCCESS.
Details
@abadger

This comment has been minimized.

Copy link
Member

commented May 21, 2019

Merged for 2.8.1

@felixfontein felixfontein deleted the felixfontein:backport/2.8/55816 branch May 21, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.