Since you can set the ssh user to root, sudo becomes irrelevant (normally root can sudo, even if he doesn’t need to).
A diff use case though:
some machines have sudo NOPASSWD, others don’t, ansible will hang on one or the other depending on -K being used or not.
A patch to enable
ansible_sudo=True/False
in inventory would be accepted.
You should of course always use keys if you get into the scenario Brian mentioned, but it’s safe to do --ask-sudo-pass everywhere if some machines didn’t invoke the sudo code as you propose.
I have the same issue… here is something that works but likely not the best place to put it.
I think the project maintainer should take a look at this since it would de a common issue /once/ ansible becomes popular.
in ansible/lib/ansible/runner/init.py
change function////
def _executor_internal(self, host):
‘’’ executes any module one or more times ‘’’
host_variables = self.inventory.get_variables(host)
#WITH:
if host_variables.get(‘ansible_sudo’, None):
self.sudo = host_variables.get(‘ansible_sudo’, None) == ‘yes’
this allows the host var ansible_sudo to force sudo if its set as yes.
Note: this dont support True and Yes and the other ways to eval to positive.
perhaps use,
if host_variables.get(‘ansible_sudo’, None):
self.sudo = host_variables.get(‘ansible_sudo’, None) == ‘True’
note if the value is set and is anything but True it will assume that value is false.
Steve,
Don’t particularly care for the popularity implication and I’m the one with the previous comment in this thread already 