ansible.cfg become_ask_pass not working

Question

I am using Ansible 2.5.1., and I do not want to use the flag -K all the time (I think it will be deprecated soon). I know there is a directive of become_ask_pass in the ansible.cfg file.

I set this to be a true value i.e. become_ask_pass = True, but running a playbook with this true value, gave me an error message and Ansible did not ask for a password.

When I set the deprecated ask_sudo_pass t be the true value, then Ansible asked for the password, but printed deprecation information.

I tried to install version 2.6.4 and the behaviour is still the same.

Why become_ask_pass and ask_sudo_pass, don't work in the same way? Am I missing something?

score 4 · Answer 1 · edited Sep 16 '18 at 16:46

I consulted the official docs many times before finding a solution.

ask_sudo_pass works out of the box when placed inside ansible.cfg in your repo, because in a simple configuration file (you have a simple config when you are an apprentice) the only section you probably have is [defaults].

[defaults]
some_stuff = ...
ask_sudo_pass = True

And this works... because ask_sudo_pass should be in the defaults section. But become_ask_pass should be in the privilege_escalation section, not defaults:

[privilege_escalation]
become_ask_pass = True

Please pay attention to "Ini section" too, it is as much important as the "Ini value". https://docs.ansible.com/ansible/latest/reference_appendices/config.html.

ansible.cfg become_ask_pass not working

1 Answers1