search

devops-coop / ansible-haproxy

Installs and configure HAProxy
Apache License 2.0
96 stars 97 forks source link

sudo shouldn't be used #71

Closed onitake closed 7 years ago

onitake commented 7 years ago

Ansible warns about the sudo: yes flag in install.yml:

[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and make sure become_method is 'sudo' 
(default).
This feature will be removed in a future release.

I think it is safe to assume the haproxy role is run with superuser rights, so it doesn't make much sense to have the flag there.

benwebber commented 7 years ago

This is actually a deprecation warning. When Ansible 1.9 added new privilege escalation backends, they changed sudo to become. We simply need to rename the parameter.

benwebber commented 7 years ago

@onitake Sorry for misunderstanding your original point. Yes, the user should set become at the playbook level. The role shoudn't elevate permissions itself.

onitake commented 7 years ago

Sorry that I wasn't more clear, but thanks anyway! :)