Ansible 1.7.2, sudo_user don't work properly
83 views
Skip to first unread message
Волков Евгений
Nov 24, 2014, 8:48:54 AM11/24/14
to ansible...@googlegroups.com
HI,
I had some problems with sudo_user switching. Config file not changed.
ansible 1.7.2
test.yml
---
- hosts: test_host.local
remote_user: notroot
tasks:
- name: test1
sudo_user: test
shell: whoami
- name: test2
sudo: yes
sudo_user: test
shell: whoami
***********************************************************
ansible-playbook test.yml -v
PLAY [test_host.local] *****************************
GATHERING FACTS ***************************************************************
ok: [test_host.local]
TASK: [test1] *****************************************************************
changed: [test_host.local] => {"changed": true, "cmd": "whoami", "delta": "0:00:00.002587", "end": "2014-11-24 15:41:03.876659", "rc": 0, "start": "2014-11-24 15:41:03.874072", "stderr": "", "stdout": "notroot"}
TASK: [test2] *****************************************************************
changed: [test_host.local] => {"changed": true, "cmd": "whoami", "delta": "0:00:00.002617", "end": "2014-11-24 15:41:04.847170", "rc": 0, "start": "2014-11-24 15:41:04.844553", "stderr": "", "stdout": "root"}
PLAY RECAP ********************************************************************
test_host.local : ok=3 changed=2 unreachable=0 failed=0
***********************************************************
In docs, I saw this example:
Help please. How can i execute command under specific user, not root end not remote user?
I had some problems with sudo_user switching. Config file not changed.
ansible 1.7.2
test.yml
---
- hosts: test_host.local
remote_user: notroot
tasks:
- name: test1
sudo_user: test
shell: whoami
- name: test2
sudo: yes
sudo_user: test
shell: whoami
***********************************************************
ansible-playbook test.yml -v
PLAY [test_host.local] *****************************
GATHERING FACTS ***************************************************************
ok: [test_host.local]
TASK: [test1] *****************************************************************
changed: [test_host.local] => {"changed": true, "cmd": "whoami", "delta": "0:00:00.002587", "end": "2014-11-24 15:41:03.876659", "rc": 0, "start": "2014-11-24 15:41:03.874072", "stderr": "", "stdout": "notroot"}
TASK: [test2] *****************************************************************
changed: [test_host.local] => {"changed": true, "cmd": "whoami", "delta": "0:00:00.002617", "end": "2014-11-24 15:41:04.847170", "rc": 0, "start": "2014-11-24 15:41:04.844553", "stderr": "", "stdout": "root"}
PLAY RECAP ********************************************************************
test_host.local : ok=3 changed=2 unreachable=0 failed=0
***********************************************************
In docs, I saw this example:
http://docs.ansible.com/playbooks_intro.html
You can also login as you, and then sudo to different users than root:
But as you see it's not quite right.--- - hosts: webservers remote_user: yourname sudo: yes sudo_user: postgres
Help please. How can i execute command under specific user, not root end not remote user?
Michael DeHaan
Nov 24, 2014, 5:34:36 PM11/24/14
to ansible...@googlegroups.com
Looks like setting "sudo_user" on a task doesn't actively cause it to invoke sudo on that task. To me, I think it should.
Can you file a ticket on this if you are seeing this in Ansible 1.7.2 or later?
Thanks!
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/523e4274-c75c-485c-80cb-2f27be2e7ade%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Volkov Evgeny
Nov 25, 2014, 5:13:36 AM11/25/14
to ansible...@googlegroups.com
Server: Linux Mint 17
Remote host: Ubuntu Server 14.04 LTS
Remote host: Ubuntu Server 14.04 LTS
Igor Homyakov
Nov 25, 2014, 6:00:46 AM11/25/14
to ansible...@googlegroups.com
Hi Evgeny,
You've missed `sudo: yes` in a first task
`sudo: yes` is mandatory `sudo_user` doesn't enable 'sudoing'
-- Best, Igor
On Tue, Nov 25, 2014 at 1:13 PM, Volkov Evgeny <eovo...@gmail.com> wrote:
> Server: Linux Mint 17
> Remote host: Ubuntu Server 14.04 LTS
>
You've missed `sudo: yes` in a first task
`sudo: yes` is mandatory `sudo_user` doesn't enable 'sudoing'
-- Best, Igor
On Tue, Nov 25, 2014 at 1:13 PM, Volkov Evgeny <eovo...@gmail.com> wrote:
> Server: Linux Mint 17
> Remote host: Ubuntu Server 14.04 LTS
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6b717d6a-636c-4695-b7ac-5d991dc5ff16%40googlegroups.com.
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
Volkov Evgeny
Nov 27, 2014, 9:05:48 AM11/27/14
to ansible...@googlegroups.com
Hi Igor,
Yes, I know it and I do it specially. I wanted to show results of both variants. And main problem showed in a second task.
вторник, 25 ноября 2014 г., 13:00:46 UTC+2 пользователь Igor Khomyakov написал:
Yes, I know it and I do it specially. I wanted to show results of both variants. And main problem showed in a second task.
вторник, 25 ноября 2014 г., 13:00:46 UTC+2 пользователь Igor Khomyakov написал:
Reply all
Reply to author
Forward
0 new messages