ceph-mon: No become during gen mon initial keyring

Since the backing generate_secret() just hands out urandom output,
running as privileged doesn't seem to be required. It's not
desireable to provide sudo in some Ansible runner environments.

Signed-off-by: Jukka Nousiainen <jukka.nousiainen@csc.fi>

diff --git a/roles/ceph-mon/tasks/deploy_monitors.yml b/roles/ceph-mon/tasks/deploy_monitors.yml
index a8d713758bcef7785ad7bd6c11fb028a43259d4b..7e8091fd03d3372be52aa98d1020471319c5f996 100644 (file)
--- a/roles/ceph-mon/tasks/deploy_monitors.yml
+++ b/roles/ceph-mon/tasks/deploy_monitors.yml
@@ -20,6 +20,7 @@
     state: generate_secret
   register: monitor_keyring
   delegate_to: localhost
+  become: false
   run_once: true
   when:
     - initial_mon_key.skipped is defined