passing --ask-become-pass to task within playbook
234 views
Skip to first unread message
Stephen Tyler
Nov 7, 2017, 5:12:38 PM11/7/17
to Ansible Project
Hello.
If I have a playbook with -b --become-user=root --ask-become-pass CLI arguments.. and a script/task that cannot be started with root (so I can't use become on a task level) but later asks to sudo, to be able to pass the ask-become-pass to the task?
The script i'm referring to is makepkg - https://wiki.archlinux.org/index.php/makepkg
Any suggestions?
Best,
-Stephen
Kai Stian Olstad
Nov 8, 2017, 1:19:12 AM11/8/17
to ansible...@googlegroups.com
On 07.11.2017 23:12, Stephen Tyler wrote:
> If I have a playbook with -b --become-user=root --ask-become-pass CLI
> arguments.. and a script/task that cannot be started with root (so I
> can't
> use become on a task level) but later asks to sudo, to be able to pass
> the
> ask-become-pass to the task?
>
> The script i'm referring to is makepkg -
> https://wiki.archlinux.org/index.php/makepkg
I don't think there is a way to get the password from the
> If I have a playbook with -b --become-user=root --ask-become-pass CLI
> arguments.. and a script/task that cannot be started with root (so I
> can't
> use become on a task level) but later asks to sudo, to be able to pass
> the
> ask-become-pass to the task?
>
> The script i'm referring to is makepkg -
> https://wiki.archlinux.org/index.php/makepkg
ask-become-pass.
It could be considered a potential security issue if that where
possible.
When you have script asking for information that you can't provide with
command line arguments you can use the expect module.
And the password need to be provided somehow, some of the options are
hard code it, use vars_prompt, put it in a variable, use one of the
supported password managers
--
Kai Stian Olstad
Reply all
Reply to author
Forward
0 new messages