Hi all,

I'm using Ansible to set up LXC containers, using delegation to the container host.

One task looks like this:

- name: add ansible user to sudoers
  lineinfile:
    dest: "/var/lib/lxc/{{ inventory_hostname }}/rootfs/etc/sudoers"
    state: present
    regexp: "^ansible"
    line: 'ansible ALL=(ALL) NOPASSWD: ALL'
    insertafter: '^root'
    validate: '/usr/sbin/visudo -cf %s'
  delegate_to: "{{ container_host }}"
  when: start_container|bool

That has been working fine, until I tried to create a Debian bullseye container on a buster host. Unfortunately, the sudoers format has changed slightly, so the buster visudo won't accept the bullseye sudoers file (#includedir is now @includedir).

I tried giving the path to the bullseye visudo, but it's dynamically linked and doesn't work on the buster system.

I could potentially use the lxc_container module to run a command in the container, but that means I lose lineinfile, and have to do more stuff manually.

Or I could use my temporary workaround, and just assume my sudoers file is ok, and skip validation.

Another option is to add an extra lineinfile task (before that one) to replace @includedir with #includedir, since it's backwards compatible, but that seems too hackish.

Any other suggestions?

Cheers,
Richard
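
Added example, not part of the original message or of Ansible: a wrapper that keeps the validate step on the older host by syntax-checking a translated copy of the candidate file, so the container's sudoers keeps its @includedir line. The script name visudo-legacy, the function names and the VISUDO override variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Hypothetical wrapper (e.g. /usr/local/bin/visudo-legacy) for use as
#   validate: '/usr/local/bin/visudo-legacy %s'
# on a host whose visudo predates the @include/@includedir spelling.

# Rewrite @include/@includedir at line start to the #include/#includedir
# forms the older parser accepts. Reads stdin, writes stdout.
sudoers_to_legacy() {
    sed -e 's/^@includedir\([[:space:]]\)/#includedir\1/' \
        -e 's/^@include\([[:space:]]\)/#include\1/'
}

# Syntax-check a translated copy; the candidate file itself is never modified.
# Include paths resolve on the host filesystem, not inside the container
# rootfs, so drop-in files of the container are not covered by this check.
check_sudoers_legacy() {
    src=$1
    visudo_bin=${VISUDO:-/usr/sbin/visudo}   # VISUDO: override added for this sketch
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 2; }
    tmp=$(mktemp) || return 2
    sudoers_to_legacy <"$src" >"$tmp"
    "$visudo_bin" -cf "$tmp"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Run as a script: visudo-legacy <file>. With no argument, only define functions.
[ "$#" -eq 0 ] || { check_sudoers_legacy "$1"; exit $?; }
```

Only the include directives are translated; any other syntax the older visudo does not know will still fail the check.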
