Add support for fully qualified collection name in become_method

[jadacyrus]

According to ansible-lint the correct value for become_method su and sudo are the fully qualified names ansible.builtin.su and ansible.builtin.sudo (https://github.com/ansible/ansible-lint/blob/main/src/ansiblelint/schemas/ansible.json#L48)

Making the switch to these fully qualified names while using the Mitogen connection strategy produces the following error :

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'ansible.builtin.sudo'
fatal: [REDACTED]: FAILED! =>
  msg: 'Unexpected failure during module execution: ''ansible.builtin.sudo'''
  stdout: ''

Here is an example playbook that will reproduce the bug:

# test-playbook.yml
- hosts: localhost
  tasks:
    - name: Run a shell command
      ansible.builtin.command: /bin/echo $(id -un)
      become: true
      become_user: nobody
      become_method: ansible.builtin.sudo

[jadacyrus]

@moreati Anything specifically you want for this?

[dramborleg]

I also ran into this issue, is it possible to merge this or is something else needed? It's pretty small so just curious if it's a problem with the MR or just lack of time. If there's anything that can be done to help move it forward I may be able to contribute depending on what is needed. Thanks!

[jadacyrus]

@moreati Bump.

[jadacyrus]

@moreati very simple change here to fix issue. do you need anything else?

[moreati]

Sorry for the wait.

You need

• Changelog entry
• Regression test in https://github.com/mitogen-hq/mitogen/tree/master/tests/ansible/regression

Optional

• Add yourself to https://github.com/mitogen-hq/mitogen/blob/master/docs/contributors.rst#productivity-lovers
• git rebase down to a single commit on latest master

[jadacyrus]

I am not sure why some of these tests are failing with su ...

[moreati]

I'll take a look, thanks

…

On Tue, 28 Jan 2025 at 18:22, Alexander ***@***.***> wrote: I am not sure why some of these tests are failing with su ... — Reply to this email directly, view it on GitHub <#1072 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AABKS4XMUIY32LJBFRBSUND2M7DGHAVCNFSM6AAAAABSPLFDBGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMMJZG42DSNJQGI> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[moreati]

After some investigation in #1233 I don't know why the su test is failing and I think I've found a second problem. So far

FQCN su is not supply the password in some Ansible versions, e.g. c481965 in https://github.com/mitogen-hq/mitogen/actions/runs/13016396756/job/36306555275?pr=1072

PLAY [regression/issue_1232__fully_qualified_names_become_method.yml (2/2)] ****

TASK [Run a shell command with su mitogen__user1 _raw_params=whoami] ***********
Tuesday 28 January 2025  18:12:10 +0000 (0:00:00.563)       0:01:45.081 ******* 
fatal: [target-centos6-1]: FAILED! => 
  msg: 'error occurred on host target-centos6-1: su password is required'

FQCN sudo appears to be reusing an old connection, even if a subsquent task specifies a different become_user, e.g. 09b44e4 in https://github.com/mitogen-hq/mitogen/actions/runs/13055004397/job/36423772033

TASK [assert that=["fqcn_sudo_password_whoami.stdout == 'mitogen__pw_required'"], fail_msg=fqcn_sudo_password_whoami={{ fqcn_sudo_password_whoami }}
] ***
task path: /home/runner/work/mitogen/mitogen/tests/ansible/regression/issue_1232__fully_qualified_names_become_method.yml:37
Thursday 30 January 2025  15:03:40 +0000 (0:00:00.074)       0:00:03.625 ****** 
...
fatal: [target-centos7-1]: FAILED! => changed=false 
  assertion: fqcn_sudo_password_whoami.stdout == 'mitogen__pw_required'
  evaluated_to: false
  msg: |-
    fqcn_sudo_password_whoami={'changed': False, 'end': '2025-01-30 15:03:40.281030', 'stdout': 'root', 'cmd': ['whoami'], 'start': '2025-01-30 15:03:40.277352', 'delta': '0:00:00.003678', 'stderr': '', 'rc': 0, 'msg': '', 'stdout_lines': ['root'], 'stderr_lines': [], 'failed': False}

[moreati]

For now my conclusion is that this will require more fundamental changes to ansible_mitogen. Possibly

• moving mitogen_sudo et al from plugins/connections to plugins/become.
• changing how Mitogen intercepts/integrates with Ansible collection loading.

[dramborleg]

Thanks for looking at it @moreati, I doubt I'd have time to help with a larger change but it's nice knowing the next steps in case I ever do get a chance, and I appreciate the time spent investigating.

[pstumpf-wizai]

Hi. Why is this not added for community.general.doas also? I myself ran into this bug with doas.