ansible.builtin.sh – POSIX shell (/bin/sh)

Note

This module is part of ansible-base and included in all Ansible installations. In most cases, you can use the short module name sh even without specifying the collections: keyword. Despite that, we recommend you use the FQCN for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.

Synopsis

  • This shell plugin is the one you want to use on most Unix systems, it is the most compatible and widely installed shell.

Parameters

Parameter Choices/Defaults Configuration Comments
admin_users
list / elements=string
Default:
["root", "toor"]
ini entries:

[defaults]
admin_users = ['root', 'toor']

env:ANSIBLE_ADMIN_USERS
var: ansible_admin_users
list of users to be expected to have admin privileges. This is used by the controller to determine how to share temporary files between the remote user and the become user.
async_dir
string
Default:
"~/.ansible_async"
ini entries:

[defaults]
async_dir = ~/.ansible_async

env:ANSIBLE_ASYNC_DIR
var: ansible_async_dir
Directory in which ansible will keep async job information
common_remote_group
string
added in 2.10 of ansible.builtin
ini entries:

[defaults]
common_remote_group = None

env:ANSIBLE_COMMON_REMOTE_GROUP
var: ansible_common_remote_group
Checked when Ansible needs to execute a module as a different user.
If setfacl and chown both fail and do not let the different user access the module's files, they will be chgrp'd to this group.
In order for this to work, the remote_user and become_user must share a common group and this setting must be set to that group.
environment
list / elements=string
Default:
[{}]
List of dictionaries of environment variables and their values to use when executing commands.
remote_tmp
string
Default:
"~/.ansible/tmp"
ini entries:

[defaults]
remote_tmp = ~/.ansible/tmp

env:ANSIBLE_REMOTE_TEMP
env:ANSIBLE_REMOTE_TMP
var: ansible_remote_tmp
Temporary directory to use on targets when executing tasks.
system_tmpdirs
list / elements=string
Default:
["/var/tmp", "/tmp"]
ini entries:

[defaults]
system_tmpdirs = ['/var/tmp', '/tmp']

env:ANSIBLE_SYSTEM_TMPDIRS
var: ansible_system_tmpdirs
List of valid system temporary directories on the managed machine for Ansible to choose when it cannot use ``remote_tmp``, normally due to permission issues. These must be world readable, writable, and executable. This list should only contain directories which the system administrator has pre-created with the proper ownership and permissions otherwise security issues can arise.
world_readable_temp
boolean
added in 2.10 of ansible.builtin
    Choices:
  • no
  • yes
ini entries:

[defaults]
allow_world_readable_tmpfiles = no

env:ANSIBLE_SHELL_ALLOW_WORLD_READABLE_TEMP
var: ansible_shell_allow_world_readable_temp
This makes the temporary files created on the machine world-readable and will issue a warning instead of failing the task.
It is useful when becoming an unprivileged user.

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/ansible/builtin/sh_shell.html