Open Darguima opened 8 months ago
Hey! Looks like someone found a workaround and a similar issue here. Hope this helps!
https://github.com/mnussbaum/ansible-yay/issues/2#issuecomment-496172670
Hi there! Thank you for your suggestion! I actually implemented something similar in the meantime. I created an aur_builder
user specifically for this purpose and have been using it.
However, the problem I encountered is that, in my specific case, I required a role to handle all these configurations (creating the user and editing the sudoers file), whereas my preferred solution would have allowed me to utilize my default user.
So I wanted to know if is possible to use this package like we do with the pacman
one - just with the password when starting Ansible and nothing more.
Nevertheless, thanks for trying to help!
Of course! Do you currently have your aur_builder
user role add itself to sudoers within the scripts? Because a further (suboptimal) workaround that I had was to have ansible add the default user to sudoers and allow yay
and pacman
to run with no password so that there's no friction. I just run the entire playbook with a password in the very beginning and don't think about it.
Yes. I have a role that creates the aur_builder
user ands add him to the sudoers files after installing `yay.
The problem with using my personal user instead of the aur_builder
is that it opens a door to somebody install everything in my computer, without any problem, if can gain access to it.
Makes sense. Definitely a vulnerability if the permissions aren't removed!
I've just ran for the first time this module. I'm installing some AUR packages with it, but always that it start the task, it request me my sudo password:
I don't know if this is the normal behavior, but it would be nice if I doesn't need insert my password, as long as I pass the
--ask-become-pass
, and if I'm installing something with pacman for example, using thebecome: true
I don't need passwords.Just because I want run something automatized that don't need human interaction.
Is this a bug, or the normal behavior?