I've found the answer elsewhere on the list - Ansible SUDO is not the SUDO you expect.
Basically Ansible SUDO executes a temporary scrip on the fly - something like: ssh '/bin/sh -c "sudo /tmp/ansible-temp-script"' A better approach would have been to place the SUDO command INSIDE the temporary script around each command. This would enable fine-grained SUDO configuration on each of the managed hosts. I assume that the problem is in passing the password through to each command for those that want passwords. Personally I would be happy with a SUDO_COMMAND option that only works for password-less sudo permissioned commands. You can work around the SUDO issues by setting the SUDO permissions and then writing your own modules etc that use SUDO commands, e.g. - command: /usr/bin/sudo /user/bin/apt-get update - command: /usr/bin/sudo /user/bin/apt-get upgrade -y Or you can follow the Ansible recommendations - which effectively give root access to any command, using your password. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/87b97ed5-7982-4b1e-bbcc-9d3bd70fd3ba%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
