Skip to content

sudo: add mitogen_sudo_password_prompt for custom passprompt#1501

Open
jettero wants to merge 1 commit intomitogen-hq:masterfrom
jettero:fix-task-lockups
Open

sudo: add mitogen_sudo_password_prompt for custom passprompt#1501
jettero wants to merge 1 commit intomitogen-hq:masterfrom
jettero:fix-task-lockups

Conversation

@jettero
Copy link
Copy Markdown

@jettero jettero commented Apr 4, 2026
edited by moreati
Loading

@jettero:
I didn't have much to do with this. Just asked claude to fix the problem I was having with mitogen in my ansible setup. The problem turned out to be my custom sudo prompts, which I'm not willing to change, so if I wanna use mitogen, I have to fork... But feel free to reject this if you don't like it. I don't have much skin in the game.

Claude:

Mitogen's PASSWORD_PROMPT_RE matches "password" in dozens of locales, covering any default sudo configuration. But if sudoers defines a custom passprompt (e.g. [sudo] %u@%h:) that omits the word "password", mitogen never recognizes the prompt, never sends the password, and the sudo bootstrap hangs until connect_timeout.

Ansible's own sudo become plugin sidesteps this by always forcing -p, but mitogen matches the prompt on the wire instead. This commit adds a configurable regex pattern via the ansible variable mitogen_sudo_password_prompt. When set, the pattern is compiled and prepended to SetupProtocol.PARTIAL_PATTERNS, with the built-in patterns as fallback.

Configuration (group_vars, host_vars, or play vars):

    mitogen_sudo_password_prompt: '\[sudo\] \w+@[\w.]+:'

Also adds pyproject.toml so pip install -e . works with modern pip.

Thanks for creating a PR! Here's a quick checklist to pay attention to:

  • Please add an entry to docs/changelog.rst as appropriate.

  • Has some new parameter been added or semantics modified somehow? Please
    ensure relevant documentation is updated in docs/ansible.rst and
    docs/api.rst.

  • If it's for new functionality, is there at least a basic test in either
    tests/ or tests/ansible/ covering it?

  • If it's for a new connection method, please try to stub out the
    implementation as in tests/data/stubs/, so that construction can be tested
    without having a working configuration.

@claude
sudo: add mitogen_sudo_password_prompt for custom passprompt
63dffb9 
Mitogen's PASSWORD_PROMPT_RE matches "password" in dozens of locales,
covering any default sudo configuration. But if sudoers defines a custom
passprompt (e.g. `[sudo] %u@%h:`) that omits the word "password",
mitogen never recognizes the prompt, never sends the password, and the
sudo bootstrap hangs until connect_timeout.

Ansible's own sudo become plugin sidesteps this by always forcing -p,
but mitogen matches the prompt on the wire instead. This commit adds a
configurable regex pattern via the ansible variable
`mitogen_sudo_password_prompt`. When set, the pattern is compiled and
prepended to SetupProtocol.PARTIAL_PATTERNS, with the built-in patterns
as fallback.

Configuration (group_vars, host_vars, or play vars):

    mitogen_sudo_password_prompt: '\[sudo\] \w+@[\w.]+:'

Also adds pyproject.toml so `pip install -e .` works with modern pip.
@moreati moreati mentioned this pull request Apr 12, 2026
Open
@moreati
Copy link
Copy Markdown
Member

moreati commented Apr 12, 2026

I agree with the goal, created #1503 as an umbrella for similar issues. I wan't to consider the design more - Ansible's method (set a known prompt) makes a lot of sense and is likely to be more robust.

Regardless, I can't accept this PR with failing tests and no changelog entry or docs updates.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jettero @moreati @claude