Ansible Temporary Files Issues with Pbrun

Symptom

   When we do a simple pwd command via pbrun from ansible , it error out

ansible xxxx.com -i ./hosts_t -u guid --become-user=oracle -k -K -b -m command -a 'pwd'

FAILED | rc=-1 >>
Failed to set permissions on the temporary files Ansible needs to create when becoming an unprivileged user (rc: 1, err: chown: changing ownership of `/tmp/ansible-tmp-1521520911.62-5031142116596/': Operation not permitted
chown: changing ownership of `/tmp/ansible-tmp-1521520911.62-5031142116596/command.py': Operation not permitted
}). For information on working around this, see https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user

 Diagnosis:

 Find the note in github to set parameter in ansible.cfg

 allow_world_readable_tmpfiles = true

 However after that, we received another error: 

 (127, 'pbrun9.3.0-07[340105]: 3201.08 Exec of /bin/bash failed: Resource temporarily unavailable\r\n', 'Shared connection to ucmdx4007.us.oracle.com closed.\r\n')

 The error is related to OS settings . It seems pbrun has issues to run a bash and we can reproduce it via pbrun content-ansible -u pwd

  After digging around,  we found by default OS has limit for number of user's processes. The pbrun needs more than 1024 to exec bash commands.
cat /etc/security/limits.d/90-nproc.conf
# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.

*          soft    nproc     1024
root       soft    nproc     unlimited

Solution:

comment  "*          soft    nproc     1024" in the /etc/security/limits.d/90-nproc.conf

set parameter in ansible.cfg -- allow_world_readable_tmpfiles = true