using either command or validate on visudo with no stdout is always a fatal result.....

Archives Ansible Project
1
I’m trying to use either lineinfile or blockinfile to make a change to a sudoers.ansible file then copy this back over the sudoers once its validated as correctly formatted.

I can see that the changes go ahead and I can manually run visudo -q -c -f and get no error meaning the file is ok.

Ansible seems to be interpreting to no stderr as an rc:1 failed result and the playbook crashes out… .was told this isnt a bug and is a question so any assistance would be great.

2

Try giving the full path to visudo.

3

I'm trying to use either lineinfile or blockinfile to make a change to a
sudoers.ansible file then copy this back over the sudoers once its
validated as correctly formatted.

I can see that the changes go ahead and I can manually run visudo -q -c -f
and get no error meaning the file is ok.

Since you are using -q no output will be printed, even if there is an error in the file.
You need to check(echo $?) the return code, if it's 1 then the file contains one or more errors.

Ansible seems to be interpreting to no stderr as an rc:1 failed result and
the playbook crashes out... .was told this isnt a bug and is a question so
any assistance would be great.

visudo is returning error code 1 because there is error(s) in the file, that's why Ansible fails.

ACTUAL RESULTS

TASK [Final sudoers file check before copying tmp back] ************************
task path: /Users/<snip>/provision_lab.yml:143
Using module file /Library/Python/2.7/site-packages/ansible/modules/core/commands/command.py
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: <snip>
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1491238255.64-78253062874287 `" && echo ansible-tmp-1491238255.64-78253062874287="` echo $HOME/.ansible/tmp/ansible-tmp-1491238255.64-78253062874287 `" ) && sleep 0'
<127.0.0.1> PUT /var/folders/sj/zdn5tb0d51q_20z4gm0myg700000gn/T/tmpqDb6kH TO /Users/<snip>/.ansible/tmp/ansible-tmp-1491238255.64-78253062874287/command.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /Users/<snip>/.ansible/tmp/ansible-tmp-1491238255.64-78253062874287/ /Users/<snip>/.ansible/tmp/ansible-tmp-1491238255.64-78253062874287/command.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'sudo -H -S -p "[sudo via ansible, key=wtmauitocwoynsgcjeydluockganqqnp] password: " -u root /bin/sh -c '"'"'echo BECOME-SUCCESS-wtmauitocwoynsgcjeydluockganqqnp; /usr/bin/python /Users/<snip>/.ansible/tmp/ansible-tmp-1491238255.64-78253062874287/command.py; rm -rf "/Users/<snip>/.ansible/tmp/ansible-tmp-1491238255.64-78253062874287/" > /dev/null 2>&1'"'"' && sleep 0'
fatal: [localhost]: FAILED! => {
    "changed": true,
    "cmd": [
        "visudo",
        "-q",
        "-cf",
        "/etc/sudoers.ansible"
    ],
    "delta": "0:00:00.008161",
    "end": "2017-04-03 17:50:55.807571",
    "failed": true,
    "invocation": {
        "module_args": {
            "_raw_params": "visudo -q -cf /etc/sudoers.ansible",
            "_uses_shell": false,
            "chdir": null,
            "creates": null,
            "executable": null,
            "removes": null,
            "warn": true
        },
        "module_name": "command"
    },
    "rc": 1,

There are one or more errors in the file so visudo reports return code 1.
In Ansible return code >0 is default an error and the task fails.