[PR #9659/06df717b backport][stable-10] lxd_connection: Allow non-root users to connect to an instance #9751
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![patchback[bot]](https://avatars.githubusercontent.com/in/21488?s=60&v=4){kind=small}
* fix: add support for non-root user * fix: show correct info for connection * fix: use build_exec_command to execute as nonroot * unset default user * feat: add options for setting remote user and become method * fix: add root as default remote_user * fix: remove ansible_ssh_user from remote_user vars * fix: use single quotes inside f-string * fix: ensure lxc exec comes first * fix: line length * fix: use -c flag with su * Update plugins/connection/lxd.py Co-authored-by: Felix Fontein <[email protected]> * Update plugins/connection/lxd.py Co-authored-by: Felix Fontein <[email protected]> * Update plugins/connection/lxd.py Co-authored-by: Felix Fontein <[email protected]> * doc: add changelog fragment * fix: use underscore for module name in fragment * Update 9659-lxd_connection-nonroot-user.yml Co-authored-by: Felix Fontein <[email protected]> * fix: add put command * feat: add get_remote_uid_gid placeholder function * feat: complete placeholder _get_remote_uid_gid function * fix: better logging * fix: ensure default values are of type str * fix: use ints for uid and gid * fix: print put command * fix: format * fix: display msg for PUT * fix: add comment about defaults * fix: format * fix: use os module to get uid and gid * Revert "fix: use os module to get uid and gid" This reverts commit bb2ba14. * Update plugins/connection/lxd.py Co-authored-by: Felix Fontein <[email protected]> * fix: omit uid, gid args in lxd file push if root --------- Co-authored-by: Felix Fontein <[email protected]> (cherry picked from commit 06df717)
ansibullbot
added
backport
connection
felixfontein
deleted the
patchback/backports/stable-10/06df717bc62fe3371acb2462b7694828b8e8196e/pr-9659
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a backport of PR #9659 as merged into main (06df717).
SUMMARY
Currently the
lxd_connectiononly supports connecting to an instance as root. This PR extends the plugin to allow a non-root user, configurable via theansible_uservar to connect to the instance. The optionlxd_become_methodcontrols the command used to switch users, (suby default but could also besudo -u). The defaults ensure the old behavior so this should be a non-breaking change.ISSUE TYPE
COMPONENT NAME
lxd_connection
ADDITIONAL INFORMATION
If it is beneficial I would also be happy to add this functionality to the
incus_connectionandlxc_connectionplugins.