ansible-playbook [core 2.17.13rc1] config file = None configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.12/site-packages/ansible ansible collection location = /tmp/collections-LiP executable location = /usr/local/bin/ansible-playbook python version = 3.12.11 (main, Jun 4 2025, 00:00:00) [GCC 14.2.1 20250110 (Red Hat 14.2.1-8)] (/usr/bin/python3.12) jinja version = 3.1.6 libyaml = True No config file found; using defaults running playbook inside collection fedora.linux_system_roles Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'jsonl', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_role_applied.yml *********************************************** 1 plays in /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tests_role_applied.yml PLAY [Test rewrite default sudoers and remove unauthorized files] ************** TASK [Gathering Facts] ********************************************************* task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tests_role_applied.yml:2 Saturday 12 July 2025 19:28:45 -0400 (0:00:00.044) 0:00:00.044 ********* [WARNING]: Platform linux on host managed-node1 is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible- core/2.17/reference_appendices/interpreter_discovery.html for more information. ok: [managed-node1] TASK [Test setup] ************************************************************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tests_role_applied.yml:7 Saturday 12 July 2025 19:28:46 -0400 (0:00:01.183) 0:00:01.228 ********* included: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/setup.yml for managed-node1 TASK [Create temp test directory] ********************************************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/setup.yml:3 Saturday 12 July 2025 19:28:46 -0400 (0:00:00.031) 0:00:01.259 ********* changed: [managed-node1] => { "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/var/tmp/sudo_0ru18ibs", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Backup sudoers] ********************************************************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/setup.yml:10 Saturday 12 July 2025 19:28:46 -0400 (0:00:00.475) 0:00:01.735 ********* changed: [managed-node1] => { "changed": true, "checksum": "e7f68410087808d301bd81bc78423b1227123bf2", "dest": "/var/tmp/sudo_0ru18ibs/sudoers", "gid": 0, "group": "root", "md5sum": "e46a568fe9aa73104a1781f414ca6baf", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 771, "src": "/etc/sudoers", "state": "file", "uid": 0 } TASK [Backup sudoers.d] ******************************************************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/setup.yml:19 Saturday 12 July 2025 19:28:47 -0400 (0:00:00.431) 0:00:02.166 ********* changed: [managed-node1] => { "changed": true, "checksum": null, "dest": "/var/tmp/sudo_0ru18ibs/sudoers.d", "gid": 0, "group": "root", "md5sum": null, "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 23, "src": "/etc/sudoers.d", "state": "directory", "uid": 0 } TASK [Run the role] ************************************************************ task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tests_role_applied.yml:10 Saturday 12 July 2025 19:28:47 -0400 (0:00:00.351) 0:00:02.517 ********* included: fedora.linux_system_roles.sudo for managed-node1 TASK [fedora.linux_system_roles.sudo : Set version specific variables] ********* task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:2 Saturday 12 July 2025 19:28:47 -0400 (0:00:00.035) 0:00:02.553 ********* included: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml for managed-node1 TASK [fedora.linux_system_roles.sudo : Ensure ansible_facts used by role] ****** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:2 Saturday 12 July 2025 19:28:47 -0400 (0:00:00.021) 0:00:02.574 ********* skipping: [managed-node1] => { "changed": false, "false_condition": "__sudo_required_facts | difference(ansible_facts.keys() | list) | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.sudo : Check if system is ostree] ************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:10 Saturday 12 July 2025 19:28:47 -0400 (0:00:00.034) 0:00:02.608 ********* ok: [managed-node1] => { "changed": false, "stat": { "exists": false } } TASK [fedora.linux_system_roles.sudo : Set flag to indicate system is ostree] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:15 Saturday 12 July 2025 19:28:48 -0400 (0:00:00.482) 0:00:03.091 ********* ok: [managed-node1] => { "ansible_facts": { "__sudo_is_ostree": false }, "changed": false } TASK [fedora.linux_system_roles.sudo : Check if transactional-update exists in /sbin] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:22 Saturday 12 July 2025 19:28:48 -0400 (0:00:00.022) 0:00:03.114 ********* ok: [managed-node1] => { "changed": false, "stat": { "exists": false } } TASK [fedora.linux_system_roles.sudo : Set flag if transactional-update exists] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:27 Saturday 12 July 2025 19:28:48 -0400 (0:00:00.349) 0:00:03.464 ********* ok: [managed-node1] => { "ansible_facts": { "__sudo_is_transactional": false }, "changed": false } TASK [fedora.linux_system_roles.sudo : Set platform/version specific variables] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:31 Saturday 12 July 2025 19:28:48 -0400 (0:00:00.031) 0:00:03.495 ********* skipping: [managed-node1] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS_10.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS_10.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS_10.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS_10.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => { "changed": false } MSG: All items skipped TASK [fedora.linux_system_roles.sudo : Scan sudoers] *************************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:5 Saturday 12 July 2025 19:28:48 -0400 (0:00:00.032) 0:00:03.527 ********* ok: [managed-node1] => { "ansible_facts": { "sudoers": { "all_scanned_files": [ "/etc/sudoers.d/pingers", "/etc/sudoers.d/root", "/etc/sudoers" ], "sudoers_files": [ { "defaults": [ "!visiblepw", "always_set_home", "match_group_by_gid", "always_query_group_plugin", "env_reset", { "secure_path": [ "/sbin", "/bin", "/usr/sbin", "/usr/bin" ] }, { "env_keep": [ "COLORS", "DISPLAY", "HOSTNAME", "HISTSIZE", "KDEDIR", "LS_COLORS", "MAIL", "PS1", "PS2", "QTDIR", "USERNAME", "LANG", "LC_ADDRESS", "LC_CTYPE", "LC_COLLATE", "LC_IDENTIFICATION", "LC_MEASUREMENT", "LC_MESSAGES", "LC_MONETARY", "LC_NAME", "LC_NUMERIC", "LC_PAPER", "LC_TELEPHONE", "LC_TIME", "LC_ALL", "LANGUAGE", "LINGUAS", "_XKB_CHARSET", "XAUTHORITY" ] } ], "include_directories": [ "/etc/sudoers.d" ], "include_files": [ "/etc/sudoers.d/pingers", "/etc/sudoers.d/root" ], "path": "/etc/sudoers", "user_specifications": [ { "commands": [ "ALL" ], "hosts": [ "ALL" ], "operators": [ "ALL" ], "users": [ "root" ] }, { "commands": [ "ALL" ], "hosts": [ "ALL" ], "operators": [ "ALL" ], "users": [ "%wheel" ] } ] }, { "path": "/etc/sudoers.d/pingers", "user_specifications": [ {} ] }, { "defaults": [ "syslog=auth" ], "path": "/etc/sudoers.d/root", "user_specifications": [ {} ] } ] } }, "changed": false } TASK [fedora.linux_system_roles.sudo : Sudo is already configured - skip rest of role] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:12 Saturday 12 July 2025 19:28:49 -0400 (0:00:00.433) 0:00:03.960 ********* META: end_host conditional evaluated to False, continuing execution for managed-node1 skipping: [managed-node1] => { "skip_reason": "end_host conditional evaluated to False, continuing execution for managed-node1" } MSG: end_host conditional evaluated to false, continuing execution for managed-node1 TASK [fedora.linux_system_roles.sudo : Ensure sudo is installed] *************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:20 Saturday 12 July 2025 19:28:49 -0400 (0:00:00.029) 0:00:03.989 ********* ok: [managed-node1] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do lsrpackages: sudo TASK [fedora.linux_system_roles.sudo : Notify user that reboot is needed to apply changes] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:32 Saturday 12 July 2025 19:28:49 -0400 (0:00:00.866) 0:00:04.856 ********* skipping: [managed-node1] => { "false_condition": "__sudo_is_transactional | d(false)" } TASK [fedora.linux_system_roles.sudo : Reboot transactional update systems] **** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:37 Saturday 12 July 2025 19:28:49 -0400 (0:00:00.014) 0:00:04.871 ********* skipping: [managed-node1] => { "changed": false, "false_condition": "__sudo_is_transactional | d(false)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.sudo : Fail if reboot is needed and not set] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:42 Saturday 12 July 2025 19:28:49 -0400 (0:00:00.014) 0:00:04.885 ********* skipping: [managed-node1] => { "changed": false, "false_condition": "__sudo_is_transactional | d(false)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.sudo : Set include directories variable] ******* task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:50 Saturday 12 July 2025 19:28:49 -0400 (0:00:00.013) 0:00:04.899 ********* ok: [managed-node1] => { "ansible_facts": { "sudo_include_dirs": [ "/etc/sudoers.d" ] }, "changed": false } TASK [fedora.linux_system_roles.sudo : Set sudoer file paths variable] ********* task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:54 Saturday 12 July 2025 19:28:50 -0400 (0:00:00.019) 0:00:04.918 ********* ok: [managed-node1] => { "ansible_facts": { "sudo_file_paths": [ "/etc/sudoers" ] }, "changed": false } TASK [fedora.linux_system_roles.sudo : Ensure include directories are created] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:58 Saturday 12 July 2025 19:28:50 -0400 (0:00:00.020) 0:00:04.938 ********* ok: [managed-node1] => (item=/etc/sudoers.d) => { "ansible_loop_var": "item", "changed": false, "gid": 0, "group": "root", "item": "/etc/sudoers.d", "mode": "0750", "owner": "root", "path": "/etc/sudoers.d", "secontext": "system_u:object_r:etc_t:s0", "size": 50, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.sudo : Ensure sudoers include files are configured] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:68 Saturday 12 July 2025 19:28:50 -0400 (0:00:00.454) 0:00:05.393 ********* skipping: [managed-node1] => (item=/etc/sudoers) => { "ansible_loop_var": "item", "changed": false, "false_condition": "item.path != \"/etc/sudoers\"", "item": { "defaults": [ "!visiblepw", "always_set_home", "match_group_by_gid", "always_query_group_plugin", "env_reset", { "secure_path": [ "/sbin", "/bin", "/usr/sbin", "/usr/bin" ] }, { "env_keep": [ "COLORS", "DISPLAY", "HOSTNAME", "HISTSIZE", "KDEDIR", "LS_COLORS", "MAIL", "PS1", "PS2", "QTDIR", "USERNAME", "LANG", "LC_ADDRESS", "LC_CTYPE", "LC_COLLATE", "LC_IDENTIFICATION", "LC_MEASUREMENT", "LC_MESSAGES", "LC_MONETARY", "LC_NAME", "LC_NUMERIC", "LC_PAPER", "LC_TELEPHONE", "LC_TIME", "LC_ALL", "LANGUAGE", "LINGUAS", "_XKB_CHARSET", "XAUTHORITY" ] } ], "include_directories": [ "/etc/sudoers.d" ], "path": "/etc/sudoers", "user_specifications": [ { "commands": [ "ALL" ], "hosts": [ "ALL" ], "operators": [ "ALL" ], "users": [ "root" ] }, { "commands": [ "ALL" ], "hosts": [ "ALL" ], "operators": [ "ALL" ], "users": [ "%wheel" ] } ] }, "skip_reason": "Conditional result was False" } skipping: [managed-node1] => { "changed": false } MSG: All items skipped TASK [fedora.linux_system_roles.sudo : Ensure /etc/sudoers is configured] ****** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:81 Saturday 12 July 2025 19:28:50 -0400 (0:00:00.019) 0:00:05.413 ********* changed: [managed-node1] => (item=/etc/sudoers) => { "ansible_loop_var": "item", "changed": true, "checksum": "fc5c161eed42bf4d12f49c476bfc46e8e56097d2", "dest": "/etc/sudoers", "gid": 0, "group": "root", "item": { "defaults": [ "!visiblepw", "always_set_home", "match_group_by_gid", "always_query_group_plugin", "env_reset", { "secure_path": [ "/sbin", "/bin", "/usr/sbin", "/usr/bin" ] }, { "env_keep": [ "COLORS", "DISPLAY", "HOSTNAME", "HISTSIZE", "KDEDIR", "LS_COLORS", "MAIL", "PS1", "PS2", "QTDIR", "USERNAME", "LANG", "LC_ADDRESS", "LC_CTYPE", "LC_COLLATE", "LC_IDENTIFICATION", "LC_MEASUREMENT", "LC_MESSAGES", "LC_MONETARY", "LC_NAME", "LC_NUMERIC", "LC_PAPER", "LC_TELEPHONE", "LC_TIME", "LC_ALL", "LANGUAGE", "LINGUAS", "_XKB_CHARSET", "XAUTHORITY" ] } ], "include_directories": [ "/etc/sudoers.d" ], "path": "/etc/sudoers", "user_specifications": [ { "commands": [ "ALL" ], "hosts": [ "ALL" ], "operators": [ "ALL" ], "users": [ "root" ] }, { "commands": [ "ALL" ], "hosts": [ "ALL" ], "operators": [ "ALL" ], "users": [ "%wheel" ] } ] }, "md5sum": "10930d4d72a2804fdbc804a21a30f856", "mode": "0440", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 813, "src": "/root/.ansible/tmp/ansible-tmp-1752362930.542093-9250-62400550632872/.source", "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.sudo : Search for sudoers files in included directories] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:101 Saturday 12 July 2025 19:28:51 -0400 (0:00:00.712) 0:00:06.125 ********* ok: [managed-node1] => { "changed": false, "examined": 8, "files": [ { "atime": 1752362919.8855813, "ctime": 1752362918.5615735, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 587202755, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0440", "mtime": 1752362918.5620654, "nlink": 1, "path": "/etc/sudoers.d/pingers", "pw_name": "root", "rgrp": true, "roth": false, "rusr": true, "size": 106, "uid": 0, "wgrp": false, "woth": false, "wusr": false, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1752362908.324512, "ctime": 1752362907.611508, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 398459076, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0440", "mtime": 1752362907.3505063, "nlink": 1, "path": "/etc/sudoers.d/root", "pw_name": "root", "rgrp": true, "roth": false, "rusr": true, "size": 154, "uid": 0, "wgrp": false, "woth": false, "wusr": false, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1752362923.835605, "ctime": 1752362923.834605, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 692060353, "isblk": false, "ischr": false, "isdir": true, "isfifo": false, "isgid": false, "islnk": false, "isreg": false, "issock": false, "isuid": false, "mode": "0644", "mtime": 1752362915.0455523, "nlink": 3, "path": "/etc/sudoers.d/sudoers.d", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 23, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1752362923.835605, "ctime": 1752362923.834605, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 696254720, "isblk": false, "ischr": false, "isdir": true, "isfifo": false, "isgid": false, "islnk": false, "isreg": false, "issock": false, "isuid": false, "mode": "0755", "mtime": 1752362915.0465524, "nlink": 3, "path": "/etc/sudoers.d/sudoers.d/sudoers.d", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 50, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": true, "xoth": true, "xusr": true }, { "atime": 1752362927.5506272, "ctime": 1752362923.833605, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 696254721, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0440", "mtime": 1752362915.0455523, "nlink": 1, "path": "/etc/sudoers.d/sudoers.d/sudoers.d/pingers", "pw_name": "root", "rgrp": true, "roth": false, "rusr": true, "size": 216, "uid": 0, "wgrp": false, "woth": false, "wusr": false, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1752362927.5516274, "ctime": 1752362923.833605, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 696254722, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0440", "mtime": 1752362915.0465524, "nlink": 1, "path": "/etc/sudoers.d/sudoers.d/sudoers.d/root", "pw_name": "root", "rgrp": true, "roth": false, "rusr": true, "size": 154, "uid": 0, "wgrp": false, "woth": false, "wusr": false, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1752362923.835605, "ctime": 1752362923.834605, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 1033181, "isblk": false, "ischr": false, "isdir": true, "isfifo": false, "isgid": false, "islnk": false, "isreg": false, "issock": false, "isuid": false, "mode": "0644", "mtime": 1752362896.7314427, "nlink": 3, "path": "/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 23, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1752362923.835605, "ctime": 1752362923.834605, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 4593471, "isblk": false, "ischr": false, "isdir": true, "isfifo": false, "isgid": false, "islnk": false, "isreg": false, "issock": false, "isuid": false, "mode": "0755", "mtime": 1752362896.7314427, "nlink": 2, "path": "/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d/sudoers.d", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 6, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": true, "xoth": true, "xusr": true } ], "matched": 8, "skipped_paths": {} } MSG: All paths examined TASK [fedora.linux_system_roles.sudo : Set unauthorized included sudoers files variable] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:109 Saturday 12 July 2025 19:28:51 -0400 (0:00:00.446) 0:00:06.572 ********* ok: [managed-node1] => { "ansible_facts": { "sudo_unauthorized_files": [ "/etc/sudoers.d/root", "/etc/sudoers.d/sudoers.d", "/etc/sudoers.d/sudoers.d/sudoers.d", "/etc/sudoers.d/sudoers.d/sudoers.d/root", "/etc/sudoers.d/sudoers.d/sudoers.d/pingers", "/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d", "/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d/sudoers.d", "/etc/sudoers.d/pingers" ] }, "changed": false } TASK [fedora.linux_system_roles.sudo : Remove unauthorized included sudoers files] *** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:113 Saturday 12 July 2025 19:28:51 -0400 (0:00:00.023) 0:00:06.595 ********* changed: [managed-node1] => (item=/etc/sudoers.d/root) => { "ansible_loop_var": "item", "changed": true, "item": "/etc/sudoers.d/root", "path": "/etc/sudoers.d/root", "state": "absent" } changed: [managed-node1] => (item=/etc/sudoers.d/sudoers.d) => { "ansible_loop_var": "item", "changed": true, "item": "/etc/sudoers.d/sudoers.d", "path": "/etc/sudoers.d/sudoers.d", "state": "absent" } ok: [managed-node1] => (item=/etc/sudoers.d/sudoers.d/sudoers.d) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/sudoers.d/sudoers.d/sudoers.d", "path": "/etc/sudoers.d/sudoers.d/sudoers.d", "state": "absent" } ok: [managed-node1] => (item=/etc/sudoers.d/sudoers.d/sudoers.d/root) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/sudoers.d/sudoers.d/sudoers.d/root", "path": "/etc/sudoers.d/sudoers.d/sudoers.d/root", "state": "absent" } ok: [managed-node1] => (item=/etc/sudoers.d/sudoers.d/sudoers.d/pingers) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/sudoers.d/sudoers.d/sudoers.d/pingers", "path": "/etc/sudoers.d/sudoers.d/sudoers.d/pingers", "state": "absent" } ok: [managed-node1] => (item=/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d", "path": "/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d", "state": "absent" } ok: [managed-node1] => (item=/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d/sudoers.d) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d/sudoers.d", "path": "/etc/sudoers.d/sudoers.d/sudoers.d/sudoers.d/sudoers.d", "state": "absent" } changed: [managed-node1] => (item=/etc/sudoers.d/pingers) => { "ansible_loop_var": "item", "changed": true, "item": "/etc/sudoers.d/pingers", "path": "/etc/sudoers.d/pingers", "state": "absent" } TASK [Check sudoers] *********************************************************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tests_role_applied.yml:17 Saturday 12 July 2025 19:28:54 -0400 (0:00:02.749) 0:00:09.345 ********* included: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/assert_files_identical.yml for managed-node1 TASK [Get stat of files/tests_role_applied.ok] ********************************* task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/assert_files_identical.yml:3 Saturday 12 July 2025 19:28:54 -0400 (0:00:00.023) 0:00:09.368 ********* ok: [managed-node1 -> localhost] => { "changed": false, "stat": { "atime": 1752362876.9213495, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "59865a2d50f870e99cabad1aa9832881ebe54d4e70f16b9688e677f647d680d8", "ctime": 1752362880.2864065, "dev": 51714, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 155189461, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/x-c", "mode": "0644", "mtime": 1752362876.7593467, "nlink": 1, "path": "files/tests_role_applied.ok", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 813, "uid": 0, "version": "3514363369", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Get stat of /etc/sudoers] ************************************************ task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/assert_files_identical.yml:10 Saturday 12 July 2025 19:28:54 -0400 (0:00:00.219) 0:00:09.588 ********* ok: [managed-node1] => { "changed": false, "stat": { "atime": 1752362931.1539392, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "59865a2d50f870e99cabad1aa9832881ebe54d4e70f16b9688e677f647d680d8", "ctime": 1752362931.155649, "dev": 51714, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 121635074, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/x-c", "mode": "0440", "mtime": 1752362931.1539402, "nlink": 1, "path": "/etc/sudoers", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 813, "uid": 0, "version": "2803111385", "wgrp": false, "woth": false, "writeable": true, "wusr": false, "xgrp": false, "xoth": false, "xusr": false } } TASK [Assert that files are identical] ***************************************** task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/assert_files_identical.yml:16 Saturday 12 July 2025 19:28:55 -0400 (0:00:00.356) 0:00:09.945 ********* ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [Test cleanup] ************************************************************ task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tests_role_applied.yml:24 Saturday 12 July 2025 19:28:55 -0400 (0:00:00.016) 0:00:09.961 ********* included: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/cleanup.yml for managed-node1 TASK [Restore sudoers] ********************************************************* task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/cleanup.yml:3 Saturday 12 July 2025 19:28:55 -0400 (0:00:00.023) 0:00:09.985 ********* changed: [managed-node1] => { "changed": true, "checksum": "e7f68410087808d301bd81bc78423b1227123bf2", "dest": "/etc/sudoers", "gid": 0, "group": "root", "md5sum": "e46a568fe9aa73104a1781f414ca6baf", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 771, "src": "/var/tmp/sudo_0ru18ibs/sudoers", "state": "file", "uid": 0 } TASK [Restore sudoers.d] ******************************************************* task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/cleanup.yml:12 Saturday 12 July 2025 19:28:55 -0400 (0:00:00.351) 0:00:10.336 ********* changed: [managed-node1] => { "changed": true, "checksum": null, "dest": "/etc/sudoers.d/sudoers.d", "gid": 0, "group": "root", "md5sum": null, "mode": "0644", "owner": "root", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 23, "src": "/var/tmp/sudo_0ru18ibs/sudoers.d", "state": "directory", "uid": 0 } TASK [Clean up temp directory] ************************************************* task path: /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/cleanup.yml:21 Saturday 12 July 2025 19:28:55 -0400 (0:00:00.352) 0:00:10.689 ********* changed: [managed-node1] => { "changed": true, "path": "/var/tmp/sudo_0ru18ibs", "state": "absent" } PLAY RECAP ********************************************************************* managed-node1 : ok=28 changed=8 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 SYSTEM ROLES ERRORS BEGIN v1 [] SYSTEM ROLES ERRORS END v1 TASKS RECAP ******************************************************************** Saturday 12 July 2025 19:28:56 -0400 (0:00:00.349) 0:00:11.038 ********* =============================================================================== fedora.linux_system_roles.sudo : Remove unauthorized included sudoers files --- 2.75s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:113 Gathering Facts --------------------------------------------------------- 1.18s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tests_role_applied.yml:2 fedora.linux_system_roles.sudo : Ensure sudo is installed --------------- 0.87s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:20 fedora.linux_system_roles.sudo : Ensure /etc/sudoers is configured ------ 0.71s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:81 fedora.linux_system_roles.sudo : Check if system is ostree -------------- 0.48s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:10 Create temp test directory ---------------------------------------------- 0.48s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/setup.yml:3 fedora.linux_system_roles.sudo : Ensure include directories are created --- 0.45s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:58 fedora.linux_system_roles.sudo : Search for sudoers files in included directories --- 0.45s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:101 fedora.linux_system_roles.sudo : Scan sudoers --------------------------- 0.43s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/main.yml:5 Backup sudoers ---------------------------------------------------------- 0.43s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/setup.yml:10 Get stat of /etc/sudoers ------------------------------------------------ 0.36s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/assert_files_identical.yml:10 Restore sudoers.d ------------------------------------------------------- 0.35s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/cleanup.yml:12 Restore sudoers --------------------------------------------------------- 0.35s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/cleanup.yml:3 Backup sudoers.d -------------------------------------------------------- 0.35s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/setup.yml:19 fedora.linux_system_roles.sudo : Check if transactional-update exists in /sbin --- 0.35s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:22 Clean up temp directory ------------------------------------------------- 0.35s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/cleanup.yml:21 Get stat of files/tests_role_applied.ok --------------------------------- 0.22s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tasks/assert_files_identical.yml:3 Run the role ------------------------------------------------------------ 0.04s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/tests/sudo/tests_role_applied.yml:10 fedora.linux_system_roles.sudo : Ensure ansible_facts used by role ------ 0.03s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:2 fedora.linux_system_roles.sudo : Set platform/version specific variables --- 0.03s /tmp/collections-LiP/ansible_collections/fedora/linux_system_roles/roles/sudo/tasks/set_vars.yml:31