From 177343f86bbd4041448a5c1235bedba7fa1603c5 Mon Sep 17 00:00:00 2001
From: Chris Hines <chris.hines@monash.edu>
Date: Fri, 22 Apr 2016 00:49:51 +0000
Subject: [PATCH] allow the ssh certs directory to be a symlink without
 throwing errors. Also update sudo to become inline with ansible2

---
 roles/ldapclient/tasks/configLdapClient.yml | 29 ++++++++++++++-------
 1 file changed, 19 insertions(+), 10 deletions(-)

diff --git a/roles/ldapclient/tasks/configLdapClient.yml b/roles/ldapclient/tasks/configLdapClient.yml
index 4b91158e..5b667f2e 100644
--- a/roles/ldapclient/tasks/configLdapClient.yml
+++ b/roles/ldapclient/tasks/configLdapClient.yml
@@ -4,39 +4,47 @@
   with_items:
     - pam_ldap.conf
     - nsswitch.conf
-  sudo: true
+  become: true
+  become_user: root
 
 - name: "make basedir"
-  file: path="{{ ldapCaCertFile | dirname }}" state=directory owner=root
-  sudo: true
+  file: path="{{ ldapCaCertFile | dirname }}" state=directory owner=root follow=yes
+  become: true
+  become_user: root
   ignore_errors: true
 
 - name: "Copy the CA cert"
   copy: src={{ ldapCaCertSrc }} dest={{ ldapCaCertFile }} owner=root mode=644
-  sudo: true
+  become: true
+  become_user: root
   when: ldapCaCertSrc is defined
 
 - name: "Template CA cert"
   template: src=ldapCaCert.j2 dest={{ ldapCaCertFile }} owner=root mode=644
-  sudo: true
+  become: true
+  become_user: root
   when: ldapCaCertContents is defined
 
 - name: "Copy system auth"
   template: src=system-auth.j2 dest=/etc/pam.d/system-auth
-  sudo: true
+  become: true
+  become_user: root
 
 - name: "Copy password auth"
   template: src=password-auth.j2 dest=/etc/pam.d/password-auth
-  sudo: true
+  become: true
+  become_user: root
 
 - name: "Add LDAP server IP address to /etc/hosts"
   lineinfile: dest=/etc/hosts line="{{ ldapServerHostIpLine }}" state=present insertafter=EOF
-  sudo: true
+  become: true
+  become_user: root
   when: ldapServerHostIpLine is defined
 
 - name: "Copy sssd.conf to ldap client"
   template: src=sssd.j2 dest=/etc/sssd/sssd.conf owner=root group=root mode=600
-  sudo: true
+  become: true
+  become_user: root
   notify: restart sssd
 
 - name: "Make the cache a tmpfs"
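Review bot: The `make basedir` task keeps `ignore_errors: true` after gaining `follow=yes`, so a failure to create or chown the CA-cert directory is still swallowed, and the later `Copy the CA cert` and `Template CA cert` tasks run against whatever exists at that path. With `follow=yes`, `owner=root` now applies to the symlink target and no mode is set on it. If the link resolves to a directory that non-root users can write, the file at `ldapCaCertFile` (presumably the trust anchor for LDAP TLS) could be swapped after deployment. If the symlink error was the reason for ignoring failures, as the subject suggests, I would drop `ignore_errors: true` and pin the permissions: `file: path="{{ ldapCaCertFile | dirname }}" state=directory owner=root mode=0755 follow=yes`.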
@@ -46,4 +54,5 @@
 
 - name: "start sssd"
   service: name=sssd state=started enabled=yes
-  sudo: true
+  become: true
+  become_user: root
-- 
GitLab