> sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo
> BECOME-SUCCESS-mukfdpvotlpobkadiwdhuktbihrwsnnr; LANG=en_US.utf8
> LC_ALL=en_US.utf8 LC_MESSAGES=en_US.utf8 /usr/bin/python
> /home/john/.ansible/tmp/ansible-tmp-1474312334.89-150221606981760/setup; rm
> -rf "/home/john/.ansible/tmp/ansible-tmp-1474312334.89-150221606981760/" >
> /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
Ok, I said "something like", because I didn't have a machine to dig up the
details on. But clearly you were able to do that. Look at the command. It's
sudo ... /bin/sh .
So NOPASSWD: for /bin/sh. But really you should just give wildcard NOPASSWD
for running ansible. There's very little difference in NOPASSWD for /bin/sh
and everything. Or input the password using --ask-become-pass
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to firstname.lastname@example.org.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.