Could you please stop updating ansible versions within stable releases? Ansible upgrades are not backwards compatible. After already having to deal with fedora 23 getting ansible 2 in the middle of the release, now I have to deal with https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user. This is not what I believe is the accepted behavior in fedora stable releases.
Thanks for the comments, I wasn't aware of the ansible1.9 package. As for the new become syntax, it definitely broke on me before. Is this something that's patched now? As far as I can tell, it would only work if setfacl is installed on the target machine. There's nothing that would require that to happen as far as I can tell.
Well, first it's a security issue, so erroring is better than silently being insecure (IMHO). Also, install setfacl on the target machine is only one of a number of workarounds. You can enable pipelining, you can make the connection as root, or you can set allow_world_readable_tmpfiles in your ansible.cfg. Sorry if this broke things for you, but the eariler versions were insecure here. ;(
This update has been submitted for testing by kevin.
This update has been pushed to testing.
Works fine
no regressions noted
This update has been submitted for stable by bodhi.
Look Good to Me
This update has been pushed to stable.
Could you please stop updating ansible versions within stable releases? Ansible upgrades are not backwards compatible. After already having to deal with fedora 23 getting ansible 2 in the middle of the release, now I have to deal with https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user. This is not what I believe is the accepted behavior in fedora stable releases.
karma: -1
Serveral notes:
Thanks for the comments, I wasn't aware of the ansible1.9 package. As for the new become syntax, it definitely broke on me before. Is this something that's patched now? As far as I can tell, it would only work if setfacl is installed on the target machine. There's nothing that would require that to happen as far as I can tell.
Well, first it's a security issue, so erroring is better than silently being insecure (IMHO). Also, install setfacl on the target machine is only one of a number of workarounds. You can enable pipelining, you can make the connection as root, or you can set allow_world_readable_tmpfiles in your ansible.cfg. Sorry if this broke things for you, but the eariler versions were insecure here. ;(