No: https://docs.ansible.com/ansible/latest/user_guide/become.html#privilege-escalation-must-be-general
On Fri, 29 May 2020 at 12:33, varun mohan <[email protected]> wrote: > > Hi, > Currently ansible uses wrapper scripts(shell/python) for executing commands > as privileged user suing sudo. Due to this its currently not possible to > restrict what commands ansible fires on the remote machine after privilege > escalation. Main reason being ansible required NO PASSWD:ALL or NO > PASSwd:/bin/sh( which is equivalent to NO PASSWD:ALL). Is there any way to > control this. > > Regards > Varun > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/87ce2f5e-c7d6-4f50-b7c3-2b13beb63dd8%40googlegroups.com. -- Dick Visser Trust & Identity Service Operations Manager GÉANT -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwO9eg2K4st-HRie91o%3D24A1_dhjCWXgni1m8Bp685BzpQ%40mail.gmail.com.
