Facing issues with ssh connection as user root

[Hasini P]

Team,  Can someone sort this out please.. We are using 2.8.18 version of ansible on our control node.
I am facing error when trying to perform ping-pong with ansible as become_user root (as pasted below). On the remote server, the user is having access to run sudo commands and user can become root by running sudo su - 
 (with become disabled, connection is working fine to any remote_user)
 
Error -------------------_>
1x.xx.xxx.xx | FAILED! => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "module_stderr": "OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 31364\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 1\r\nShared connection to 1x.xx.xxx.xx closed.\r\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 1
 
I have used the below privilege escalation and tried ssh_connection parameters in ansible config file
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=True
 
[ssh_connection]
ssh_args='-C -o ControlMaster=auto -o ControlPersist=60s'
pipelining=False
------------------------------------------------------------------------------------
On remote server, we have 2.7.5 version of python
python3 --version
-bash: python3: command not found
$ python --version
Python 2.7.5
$ which python
/bin/python
sudo which python
SUDO requires you to enter your login password :
/bin/python

Thanks

[Thanh Nguyen Duc]

I think just become_user: yes may solve your issue.

Sent from my iPhone

On 26 Apr 2021, at 18:26, Hasini P <hasini.p...@gmail.com> wrote:



--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f3f80daf-fd7c-47b8-8950-704d8f6d4762n%40googlegroups.com.

[Thanh Nguyen Duc]

Sorry, just become: true may solve, by default it always become root already

Sent from my iPhone

On 26 Apr 2021, at 18:29, Thanh Nguyen Duc <ng.duct...@gmail.com> wrote:

I think just become_user: yes may solve your issue.

[Hasini P]

Thanks, I tried different possibilities including your suggestion as below., but it didnt work
---
- name: test
  hosts: all
  tasks:
  - name: sample shell task to check the userID
    shell: echo `whoami`
    become: yes

[Thanh Nguyen Duc]

Sorry, first of all, are you able to ping your server by ansible yourserver -m ping? Have you done to transfer your public key to client?

Sent from my iPhone

On 26 Apr 2021, at 18:32, Hasini P <hasini.p...@gmail.com> wrote:

Thanks, I tried different possibilities including your suggestion as below., but it didnt work

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/98908b1a-44f0-4ab7-859e-c44fb6c36bbbn%40googlegroups.com.

[Hasini P]

yes, I am able to ping-pong with my userID.. ssh password-less connectivity was established from control server to remote server with my ID

[Thanh Nguyen Duc]

Did you execute your playbook with sudo? If with sudo then you may need to ssh copy key again for root account to target machine. And Can try to add -vvvv then post the result?

Sent from my iPhone

On 26 Apr 2021, at 18:37, Hasini P <hasini.p...@gmail.com> wrote:



To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/9da37eca-0cd5-4a2a-ae8f-1523fda3a382n%40googlegroups.com.

[Hasini P]

I am not executing playbook with sudo. Running it with my userID. Do you want me to paste -vvvv verbose output for more details here ? (I am using -K option with playbook and providing my

password)