From d4ce85ef284a02b1aa92f899cdd387af2e059b4c Mon Sep 17 00:00:00 2001
From: Matt Saladna <matt@apisnetworks.com>
Date: Tue, 2 Feb 2021 13:57:17 -0600
Subject: [PATCH] Handle condition going from privileged to non-privileged user
 in which the cwd disables descent. Fall back to Mitogen's temporary
 directory. In relation to #636.

---
 ansible_mitogen/runner.py | 9 +++++++--
 docs/changelog.rst        | 2 ++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/ansible_mitogen/runner.py b/ansible_mitogen/runner.py
index 064023442..417764127 100644
--- a/ansible_mitogen/runner.py
+++ b/ansible_mitogen/runner.py
@@ -378,10 +378,15 @@ def _setup_cwd(self):
         """
         For situations like sudo to a non-privileged account, CWD could be
         $HOME of the old account, which could have mode go=, which means it is
-        impossible to restore the old directory, so don't even try.
+        impossible to restore the old directory. Fallback to a neutral temp if so.
         """
         if self.cwd:
-            os.chdir(self.cwd)
+            try:
+                os.chdir(self.cwd)
+            except OSError:
+                LOG.debug('%r: could not CHDIR to %r',
+                          self, self.cwd)
+                self._revert_cwd()
 
     def _setup_environ(self):
         """
diff --git a/docs/changelog.rst b/docs/changelog.rst
index 99c307985..3205bae7b 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -23,6 +23,7 @@ v0.3.0 (unreleased)
 This release separates itself from the v0.2.X releases. Ansible's API changed too much to support backwards compatibility so from now on, v0.2.X releases will be for Ansible < 2.10 and v0.3.X will be for Ansible 2.10+.
 `See here for details <https://github.com/dw/mitogen pull/715#issuecomment-750697248>`_.
 
+* :gh:issue:`636` os.chdir fails if the sudo/become user lacks adequate permissions to chdir prior to task
 * :gh:issue:`731` ansible 2.10 support
 * :gh:issue:`652` support for ansible collections import hook
 
@@ -30,6 +31,7 @@ This release separates itself from the v0.2.X releases. Ansible's API changed to
 v0.2.10 (unreleased)
 --------------------
 
+* :gh:issue:`636` os.chdir fails if the sudo/become user lacks adequate permissions to chdir prior to task
 * :gh:issue:`597` mitogen does not support Ansible 2.8 Python interpreter detection
 * :gh:issue:`655` wait_for_connection gives errors
 * :gh:issue:`672` cannot perform relative import error