become_user doesnt work and su - user in ansible shell module just hangs

18 views
Skip to first unread message

chavali shruti

unread,
Jun 21, 2020, 8:44:24 AM6/21/20
to Ansible Development
Hi all,

Ansible version: 

ansible 2.8.0
  config file = */ansible/ansible.cfg
  configured module search path = ['*/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = */.virtualenvs/redfish/lib/python3.6/site-packages/ansible
  executable location = */.virtualenvs/redfish/bin/ansible
  python version = 3.6.9 (default, Oct 29 2019, 10:39:36) [GCC]

I have created few vm's using ansible. I have to run few commands on those vm's, as a different user. I am not able to switch to that user using any method. I think it might be some config issue, which I am missing.

Target OS: Rhel 7.6

My task inside my playbook is as follows:

---
- name: Sample playbook
  hosts: all
  remote_user: root
  #become: yes
  gather_facts: True

  tasks:
  - name: switch user
    shell: su - ****
    delegate_to: testvm

The above code hangs, may be because it expects password.

I tried,

  tasks:
  - name: switch user
    shell: my_command
    become: yes
    become_user: ****
    delegate_to: testvm

This runs the command on the root login itself, and fails as the command only exists for the other user.
become documentation doesnt mention any config file change.

I need help, if there is any config file I need to change, for this to work. Please suggest. 

Thanks and Regards,
Shruti


Mike Sawyers

unread,
Jun 23, 2020, 9:00:49 AM6/23/20
to chavali shruti, Ansible Development
Shruti,

The default behavior of become is to use sudo, you don't mention if you checked that sudo as the ansible user works correctly or if it is say, prompting for a password or something that you need to provide.

That may not be your problem but I would start troubleshooting there. Of course you should also try and get verbose output with -vvv when possible but it sounds like it is either waiting for something to time out or for user input so that may not help as much for this specific issue.

Good luck

--
You received this message because you are subscribed to the Google Groups "Ansible Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-deve...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-devel/a644571e-de85-443f-a74d-0ed407e48f0eo%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages