]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph-ansible.git/commitdiff
projects / ceph-ansible.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 17c4744)
ceph-mon: No become during gen mon initial keyring
authorJukka Nousiainen <jukka.nousiainen@csc.fi>
Wed, 2 Dec 2020 09:07:25 +0000 (11:07 +0200)
committerDimitri Savineau <savineau.dimitri@gmail.com>
Mon, 7 Dec 2020 14:24:37 +0000 (09:24 -0500)
Since the backing generate_secret() just hands out urandom output,
running as privileged doesn't seem to be required. It's not
desireable to provide sudo in some Ansible runner environments.

Signed-off-by: Jukka Nousiainen <jukka.nousiainen@csc.fi>
(cherry picked from commit eb7473491b25c5f899a110f6ae1076ef5096d6d5)

roles/ceph-mon/tasks/deploy_monitors.yml patch | blob | history

diff --git a/roles/ceph-mon/tasks/deploy_monitors.yml b/roles/ceph-mon/tasks/deploy_monitors.yml
index ea93734a383194231c1f155334110039cdcda13b..2067ef67a7f35c96286dc1126c1d9070eb18bfc3 100644 (file)
--- a/roles/ceph-mon/tasks/deploy_monitors.yml
+++ b/roles/ceph-mon/tasks/deploy_monitors.yml
@@ -19,6 +19,7 @@
     state: generate_secret
   register: monitor_keyring
   delegate_to: localhost
+  become: false
   run_once: true
   when:
     - initial_mon_key.skipped is defined
Unnamed repository; edit this file 'description' to name the repository.