From 9fcc0b307afff7eac3883396d45ea20557eed084 Mon Sep 17 00:00:00 2001 From: udesilva Date: Sat, 27 Feb 2016 20:23:36 +0000 Subject: [PATCH 1/2] Update playbooks_lookups.rst Added a warning regarding attempting to create a local password file when the user the playbook is running as cannot create it... causes Ansible to loop at that task. --- docsite/rst/playbooks_lookups.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docsite/rst/playbooks_lookups.rst b/docsite/rst/playbooks_lookups.rst index 454036b41f..81fa834e51 100644 --- a/docsite/rst/playbooks_lookups.rst +++ b/docsite/rst/playbooks_lookups.rst @@ -69,6 +69,8 @@ This length can be changed by passing an extra parameter:: .. note:: If the file already exists, no data will be written to it. If the file has contents, those contents will be read in as the password. Empty files cause the password to return as an empty string +Caution: Because this runs on the ansible host as the user running the playbook, if the file does not exist, and is not writeable by that user, the playbook will just loop. + Starting in version 1.4, password accepts a "chars" parameter to allow defining a custom character set in the generated passwords. It accepts comma separated list of names that are either string module attributes (ascii_letters,digits, etc) or are used literally:: --- From fd28103c2877d940d259d2436a67ca33bf971182 Mon Sep 17 00:00:00 2001 From: udesilva Date: Fri, 4 Mar 2016 00:04:54 +0000 Subject: [PATCH 2/2] Update playbooks_lookups.rst --- docsite/rst/playbooks_lookups.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docsite/rst/playbooks_lookups.rst b/docsite/rst/playbooks_lookups.rst index 81fa834e51..41c676d578 100644 --- a/docsite/rst/playbooks_lookups.rst +++ b/docsite/rst/playbooks_lookups.rst @@ -67,9 +67,9 @@ This length can be changed by passing an extra parameter:: (...) -.. note:: If the file already exists, no data will be written to it. If the file has contents, those contents will be read in as the password. Empty files cause the password to return as an empty string +.. note:: If the file already exists, no data will be written to it. If the file has contents, those contents will be read in as the password. Empty files cause the password to return as an empty string. -Caution: Because this runs on the ansible host as the user running the playbook, if the file does not exist, and is not writeable by that user, the playbook will just loop. +Caution: Since this runs on the ansible host as the user running the playbook, and "become" does not apply, the target file must be readable by the playbook user, or, if it does not exist, the playbook user must have sufficient privileges to create it. (So, for example, attempts to write into areas such as /etc will fail unless the entire playbook is being run as root). Starting in version 1.4, password accepts a "chars" parameter to allow defining a custom character set in the generated passwords. It accepts comma separated list of names that are either string module attributes (ascii_letters,digits, etc) or are used literally::