host.privilege¶

Posix privilege-elevation mixin.

Shared by the posix-shell hosts (UnixHost, LocalHost, DockerContainerHost). Implements the _elevate hook (run(sudo=True)) plus switch_user / as_user.

sudo auto-answers the password prompt through the Expect channel (run(expects=[...])) — the response is written directly by the session machinery and is never logged.

su sends the password via send(..., log=False) so it is delivered to stdin without being emitted to the console or log file.

The mixin carries no fields and declares __slots__ = () so it composes with the @dataclass(slots=True) hosts. Password sourcing is host-specific: _sudo_password / _user_password default to None (passwordless) and UnixHost overrides them from creds.

class otto.host.privilege.PosixPrivilege¶

Bases: object

Mixin: sudo/su elevation for posix-shell hosts.

async switch_user(user: str = '', password: str | None = None) → None¶

su the persistent session to user (default root).

Sends su [user] and auto-answers the password prompt (from password, else _user_password). Mutates session state — affects subsequent run calls until the user exits back.

as_user(user: str = 'root', password: str | None = None) → AsyncIterator[PosixPrivilege]¶

Run a block as user, returning to the original user on exit.

async with host.as_user(“root”):

await host.run(“systemctl restart foo”)