Ansible --become not working when “sudo with NOPASSWD” is not activated on remote machine - MODULE FAILURE
49 views
Skip to first unread message
Mohit Dhingra
Jan 15, 2021, 3:55:04 AM1/15/21
to Ansible Project
Hi,
In remote server, normal user is having sudo access but NOPASSWD not activated. sudo su - command ask for user password. I am trying to run a command using Ansible as providing sudo password but its not working getting "MODULE FAILURE\nSee stdout/stderr for the exact error" error. Please check below logs.
Inventory file
_______________________________________________________________
[root@**-*****2 ~]# cat inventory
[prod]
10.***.***.250 ansible_user=m**** ansible_password=*******
_______________________________________________________________
Its working with normal user
_______________________________________________________________
[root@****** ~]# ansible prod -m ping10.***.***.250 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
_______________________________________________________________
But when i switch to become
_______________________________________________________________
[root@****** ~]# ansible prod -m ping --become
10.***.***.250 | FAILED! => {
"msg": "Missing sudo password"
}
_______________________________________________________________
when i provide Sudo Password.
[root@****** ~]# ansible prod -m ping --become -K
BECOME password:
10.***.***.250 | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"module_stderr": "Shared connection to 10.***.***.250 closed.\r\n",
"module_stdout": "\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
_______________________________________________________________
the verbose output of above error is
10.***.***.250 | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"module_stderr": "OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 21356\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 1\r\nShared connection to 10.***.***.250 closed.\r\n",
"module_stdout": "\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
_______________________________________________________________
Jean-Yves LENHOF
Jan 15, 2021, 4:06:58 AM1/15/21
to ansible...@googlegroups.com
Hi,
Sounds strange indeed.
Please try to connect to remote server with ssh with remote_user, and do a "sudo ls /" for example to see if the problem occurs
You did authorize all commands for sudo and not only "sudo su -"?
(something like this below)
%sudo ALL=(ALL:ALL) ALL
Regards,
JYL
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4d71cdd1-5849-4bdd-a055-1499ebb6a6ean%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages