Prompt for Sudo Password Only When Needed?

Hello,

I wrote a little playbook to:

1. copy config files over
2. run a check command
3. if check command runs okay, restart a daemon.

The config files are writeable by my local user. (Actually, group write, so a team can manage the configs…)
The check command runs as me.
The daemon restart is sudo: true.

Now, if I run the playbook, and no files have changed, no need to restart the daemon.
If I run the playbook, and files have changed, the check command may print some errors. No need to restart the daemon.

If I run the playbook, files change, check okay, restart the daemon … hang because ansible doesn’t ask for sudo password … (that is a bug, imho.)

I can run the playbook with --ask-sudo-pass, but that adds clumsy typing, and it prompts me for the password each and every time, even if it is not needed.

1. Can I put “ask for sudo password” in the config somewhere instead of entering it on command-line?
2. Can Ansible only ask for sudo password when it needs it?

Thanks,
-danny

You can control whether to ask by default in ansible.cfg with the ask_sudo_pass setting, which I know isn’t exactly what you want, but it’s there. I’d consider just setting up a shell alias if you wish to eliminate typing.

As for hang scenarios, Ansible contains some detection to detect sudo prompts, but it depends what OS you are running from and talking to… let us know along with what version you are using.