I’ve a few old server in maintenance with older versions of sudo.
Since upgrading to ansible 2.0 (and 2.01) these servers are erroring out on sudo/become calls with:
sudo: illegal option `-n’
Checking these servers, I do see that the sudo versions do not support “-n”.
Is there a workaround for this?
You can set the sudo flags in ansible.cfg, env var or in
ansible_sudo_flags inventory variable. The default is "-H -s -n". I
recommend you keep -H and -s.
Thanks!
In my situations, an inventory variable makes the most sense.
For others reference, here is the needed synax in inventory.
[oes10managed:vars]
ansible_sudo_flags=‘-H’
Note that the case is lowercase (unlike the environmental variable).
This just “grandfathers in” the (newly) broken sudo clients without effecting other clients.
I could not get the " -s " flag to work. I received errors like:
/bin/sh: /bin/sh: cannot execute binary file
Which I take to be further changes in sudo syntax.
That said, since I’m running the commands, I’m reasonably happy here that no problematic shell will be triggered.
As near as I can tell, this is most likely to avoid malicious playbooks.