If sudoing to a user other than root, the home directory of the original user is…

If sudoing to a user other than root, the home directory of the original user is very unlikely to be readable by the sudoed to user, so just use tmp. Data will be readable by others (briefly before deletion) but never writeable.

If sudoing to a user other than root, the home directory of the original user is…
If sudoing to a user other than root, the home directory of the original user is very unlikely to be readable by the sudoed to user, so just use tmp. Data will be readable by others (briefly before deletion) but never writeable.
fcdc281c · Michael DeHaan · aa40c5f3 · fcdc281c
Commit fcdc281c authored Jul 27, 2012 by Michael DeHaan
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

lib/ansible/runner/__init__.py
+2 -0

No files found.
--- a/lib/ansible/runner/__init__.py
+++ b/lib/ansible/runner/__init__.py
@@ -641,6 +641,8 @@ class Runner(object):
        basetmp = os.path.join(C.DEFAULT_REMOTE_TMP, basefile)
        if self.remote_user == 'root':
            basetmp = os.path.join('/var/tmp', basefile)
+        elif self.sudo and self.sudo_user != 'root':
+            basetmp = os.path.join('/tmp', basefile)

        cmd = 'mkdir -p %s' % basetmp
        if self.remote_user != 'root':