From 2cde16a06cf0919c53d12a9fb40c4b114e8c5e83 Mon Sep 17 00:00:00 2001 From: Dan Langille Date: Sat, 16 Jan 2016 14:37:04 -0500 Subject: [PATCH 1/2] Add correct default options for sudo_flags see https://github.com/ansible/ansible/blob/devel/lib/ansible/constants.py#L181 --- docsite/rst/intro_configuration.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docsite/rst/intro_configuration.rst b/docsite/rst/intro_configuration.rst index ccfb456ed9..d36bb6dbd6 100644 --- a/docsite/rst/intro_configuration.rst +++ b/docsite/rst/intro_configuration.rst @@ -591,7 +591,7 @@ Additional flags to pass to sudo when engaging sudo support. The default is '-H of the original user. In some situations you may wish to add or remove flags, but in general most users will not need to change this setting:: - sudo_flags=-H + sudo_flags=-H -S -n .. _sudo_user: From 27657084509edfe2ceebfdfc1dbdef48772ef4a7 Mon Sep 17 00:00:00 2001 From: Dan Langille Date: Sat, 16 Jan 2016 15:28:41 -0500 Subject: [PATCH 2/2] Specify the correct default values for sudo_flags The correct default options for sudo_flags can be found at: https://github.com/ansible/ansible/blob/devel/lib/ansible/constants.py#L181 Slightly alter explanation of '-H' so as not to confuse it with -E, --preserve-env (which preserves existing environment variables). When adding the two other options, include short explanations of those options. Add note about '-n', which did not appear in 1.x I believe, and which bit me. --- docsite/rst/intro_configuration.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docsite/rst/intro_configuration.rst b/docsite/rst/intro_configuration.rst index d36bb6dbd6..51a1ad1e58 100644 --- a/docsite/rst/intro_configuration.rst +++ b/docsite/rst/intro_configuration.rst @@ -587,9 +587,10 @@ the sudo implementation is matching CLI flags with the standard sudo:: sudo_flags ========== -Additional flags to pass to sudo when engaging sudo support. The default is '-H' which preserves the $HOME environment variable -of the original user. In some situations you may wish to add or remove flags, but in general most users -will not need to change this setting:: +Additional flags to pass to sudo when engaging sudo support. The default is '-H -S -n' which sets the HOME environment +variable, prompts for passwords via STDIN, and avoids prompting the user for input of any kind. Note that '-n' will conflict +with using password-less sudo auth, such as pam_ssh_agent_auth. In some situations you may wish to add or remove flags, but +in general most users will not need to change this setting::: sudo_flags=-H -S -n