Conditionals in sudo

Raja1 · January 11, 2015, 3:33am

Hi,
(Originally posted to Ansible Dev by mistake)

Im a newbie trying to automate a few commands across boxes using Ansible.

I would like the sudo command on certain tasks to be conditional, so depending on the node, I’d like to turn on sudo or not. For e.g. I have a development machine (my laptop) and a stage server where I need certain sets of commands to be run. On the dev machine, I dont need any of the commands to be run as sudo but need them to run as sudo on the stage server.

I thought something like

hosts: all
tasks:
name: Execute Command X
command: Command X
sudo: inventory_hostname != ‘localhost’

My Hosts file contains entries like
localhost
demo7 ansible_ssh_host=… ansible_ssh_port=…

would make the task not run as sudo on “localhost” (my dev machine) but would run with sudo on the other nodes. Unfortunately, this doesnt happen and it always treats this as sudo: False.

Is it possible to have conditionals in sudo ?

UPDATE: Looking through the source, this doesn’t seem to be the case. The Expression doesnt seem to be evaluated and sent directly to utils.boolean.
Is there any other way of achieving this goal other than running every task twice – once with sudo and once without.

Thanks
Raja

Tom_Bamford · January 13, 2015, 6:18pm

Hi Raja

I struggled with this, and the approach I settled with is to duplicate the task, having one with the ‘sudo:’ parameter and one without, and each having a ‘when:’ conditional.

command: something
sudo: yes
when: env == ‘development’
command: something
when: env != ‘development’

Hope this helps

Tom

Greg_Andrews · January 14, 2015, 4:29am

I wonder if inventory variables might do what you need. Have a look at the Ansible docs page for them here, especially the part of the page starting with “Host Variables”, but also the descriptions of files in host_vars and group_vars directories starting with “Splitting Out Host and Group Specific Data”. One thing that’s not mentioned in the page is that the “host_vars/all” file will set variables for all hosts.

I haven’t checked to see if the “sudo: yes” flag can be controlled in these ways. If it can, then this approach could be better than running tasks twice.

-Greg

Topic		Replies	Views
Conditionals in sudo Ansible Developer	2	1	January 11, 2015
Conditionally execute some tasks on dev hosts only Ansible Project	1	0	March 26, 2014
Per-host sudo options Ansible Project ansible-project	4	1	April 14, 2013
Help on Conditionals - When Ansible Project	3	0	May 24, 2021
Conditional Statements help Ansible Developer	0	0	January 31, 2019

Conditionals in sudo

Related topics