two step process to become root
26 views
Skip to first unread message
Brad Van Orden
Oct 1, 2018, 8:51:46 AM10/1/18
to Ansible Project
I'm looking for suggestions on how to add a two step login/switch to root to work within ansible. I'm restricted to logining in to a server with my normal sid. After that is accomplished, I then use su to switch to another account (giving a password when prompted). From there, I can use sudo to switch to root. Trying to wrap my head around putting that into practice within ansible. Suggestions would be greatly appreciated. :)
Regards,
Brad
Jonathan Lozada De La Matta
Oct 1, 2018, 8:57:17 AM10/1/18
to ansible...@googlegroups.com
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/8ec58472-2160-4243-8143-54393279639b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Jonathan lozada de la matta
AUTOMATION PRACTICE
Brad Van Orden
Oct 1, 2018, 9:31:21 AM10/1/18
to Ansible Project
Yes, I've been reading that. Not really clear. Maybe (setting ansible_become_pass in the inventory file):
- name: switch to intermediate user
command: cat /dev/null
become: yes
become_method: su
become_user: sid-other
- name: switch to root
command: cat /dev/null
become: yes
become_method: sudo
become_user: root
Would that achieve what I am looking for and then run every subsequent command as root?
Regards,
Brad
Brian Coca
Oct 1, 2018, 9:40:55 AM10/1/18
to Ansible Project
No, each task happens in it's own session, setting the environment in
task1 does not affect task2.
Ansible does not support the scheme you have as it requires 2
privilege escalation systems into every execution, they are not
currently 'stackable'.
--
----------
Brian Coca
task1 does not affect task2.
Ansible does not support the scheme you have as it requires 2
privilege escalation systems into every execution, they are not
currently 'stackable'.
--
----------
Brian Coca
Brad Van Orden
Oct 1, 2018, 9:49:32 AM10/1/18
to Ansible Project
OK. Thanks for the feedback! :)
Dilson Tomé
Oct 8, 2018, 2:02:35 PM10/8/18
to ansible...@googlegroups.com
You can use become to change to this generic user and set sudo in your commands.
_
Dilson Tomé Rainov
Linkedin: https://br.linkedin.com/in/dilsontome
Cel: +55-11-98013-7803
--
Reply all
Reply to author
Forward
0 new messages