Ansible Tips Part 1: When in Doubt, Be Explicit
When copying files, using templates, or creating just about anything on a target machine via Ansible, make sure that you are as explicit as possible. Don’t assume that a file will be created with a specific owner unless you specify that owner in the Ansible task. For example, you are providing your own SSH configuration file, overridding whatever is on the system, your task will look like this: --- # roles/ssh/tasks/main.yml - name: configure ssh client configuration template: src=ssh_config.j2 dest=/etc/ssh/ssh_config sudo: yes notify: Restart ssh In this situation, you are running the task with sudo privileges, so you are assuming that this file will be owned by root:root. Looking at an Ubuntu machine confirms that this file, by default, is also owned by root:root: ...