diff --git a/changelogs/fragments/4506-sudo-in-nmap-inv-plugin.yaml b/changelogs/fragments/4506-sudo-in-nmap-inv-plugin.yaml new file mode 100644 index 00000000000..1baded5cd47 --- /dev/null +++ b/changelogs/fragments/4506-sudo-in-nmap-inv-plugin.yaml @@ -0,0 +1,2 @@ +minor_changes: +- nmap inventory plugin - add ``sudo`` option in plugin in order to execute ``sudo nmap`` so that ``nmap`` runs with elevated privileges (https://github.com/ansible-collections/community.general/pull/4506). diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index 44d687505ac..6d1779bb481 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -21,6 +21,11 @@ description: token that ensures this is a source file for the 'nmap' plugin. required: True choices: ['nmap', 'community.general.nmap'] + sudo: + description: Set to C(true) to execute a C(sudo nmap) plugin scan. + version_added: 4.8.0 + default: false + type: boolean address: description: Network IP or range of IPs to scan, you can use a simple range (10.2.2.15-25) or CIDR notation. required: True @@ -49,6 +54,13 @@ plugin: community.general.nmap strict: False address: 192.168.0.0/24 + + +# a sudo nmap scan to fully use nmap scan power. +plugin: community.general.nmap +sudo: true +strict: False +address: 192.168.0.0/24 ''' import os @@ -135,6 +147,10 @@ def parse(self, inventory, loader, path, cache=True): if not user_cache_setting or cache_needs_update: # setup command cmd = [self._nmap] + + if self._options['sudo']: + cmd.insert(0, 'sudo') + if not self._options['ports']: cmd.append('-sP')