Disable become for repo cloning (2.x method)

author Zack Cerza <zack@redhat.com>

Mon, 27 Jun 2016 18:46:53 +0000 (12:46 -0600)

committer Zack Cerza <zack@redhat.com>

Mon, 27 Jun 2016 22:33:01 +0000 (16:33 -0600)
author Zack Cerza <zack@redhat.com>
Mon, 27 Jun 2016 18:46:53 +0000 (12:46 -0600)
committer Zack Cerza <zack@redhat.com>
Mon, 27 Jun 2016 22:33:01 +0000 (16:33 -0600)
diff --git a/roles/users/tasks/update_keys.yml b/roles/users/tasks/update_keys.yml

index 418b02451f7fc1108b631bfd4246f9b28c593a4c..49cdbf64fc8754d7789e8b70bd91dbe5a4d6e973 100644 (file)
--- a/roles/users/tasks/update_keys.yml
+++ b/roles/users/tasks/update_keys.yml
@@ -3,14 +3,6 @@
    set_fact:
      pubkey_users: "{{ managed_users|list + managed_admin_users|list }}"
  
-# The following set_fact calls are apparently necessary to avoid using sudo on
-# localhost to clone the keys repo.
-- set_fact:
-    ansible_become_orig: "{{ ansible_become }}"
-
-- set_fact:
-    ansible_become: false
-
  - name: Clone the keys repo
    local_action:
      module: git
@@ -19,13 +11,11 @@
      depth: 1
      force: yes
      dest: "{{ keys_repo_path }}"
+  become: false
    when: keys_repo is defined
    connection: local
    run_once: true
  
-- set_fact:
-    ansible_become: "{{ ansible_become_orig }}"
-
  - name: Update authorized_keys using the keys repo
    authorized_key:
      user: "{{ item.name }}"
author	Zack Cerza <zack@redhat.com>
	Mon, 27 Jun 2016 18:46:53 +0000 (12:46 -0600)
committer	Zack Cerza <zack@redhat.com>
	Mon, 27 Jun 2016 22:33:01 +0000 (16:33 -0600)