I changed remote_tmp to /tmp/.ansible/tmp for performance reasons. The directory is created as follows:
[tmp]$ ls -ld .ansible
drwx------ 3 ec2-user ec2-user 4096 Mar 2 09:47 .ansible
When a different user attempts to write to the directory it fails:
Looks like /tmp/.ansible needs to be 777
If you specify /tmp/.ansible/tmp as the remote_tmp, then you become responsible for ensuring that the correct users have permission to read, write, and search that directory. Ansible deals with permissions below that directory only.
There was a bug in the 2.5 branch (I believe fixed in the latest rc) where ansible was supposed to revert to the system temp directory when remote_user was unprivileged and become_user was also unprivileged. What version of ansible are you using? (ansible --version output). That might tell us if this is related to that bug.
-Toshio
I think the workaround/solution is to set remote_tmp=/tmp. I prefer remote_tmp to be a subdirectory under /tmp but it looks like that means I will have to deal with permissions which I prefer not to. I’m testing now. Thanks.