Install sudo on RHEL

[Jeremy Njock]

I have an ansible playbook, wich connects to a remote server.

On that remote server sudo is not installed. I can only gather root access with running dzdo su - in terminal.

I tried to run following task to install sudo

- name: Install sudo
  yum:
    name: sudo
  become: yes
  become_user: root

But when I run the code I get following error:

TASK [docker-yum : Install sudo] *******************************************************************************************************************************************************************************************************************************

fatal: [10.7.201.186]: FAILED! => {"changed": false, "changes": {"installed": ["sudo"]}, "msg": "Repo rhui-rhel-7-server-dotnet-rhui-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-dotnet-rhui-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-dotnet-rhui-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-dotnet-rhui-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-dotnet-rhui-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-dotnet-rhui-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-extras-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-extras-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-extras-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-extras-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-extras-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-extras-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-optional-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-optional-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-optional-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-optional-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-optional-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-optional-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-rh-common-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-rh-common-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-rh-common-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-rh-common-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-rh-common-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-rh-common-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-supplementary-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-supplementary-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-supplementary-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-supplementary-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-7-server-rhui-supplementary-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-7-server-rhui-supplementary-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-server-rhui-rhscl-7-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-server-rhui-rhscl-7-debug-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-server-rhui-rhscl-7-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-server-rhui-rhscl-7-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nRepo rhui-rhel-server-rhui-rhscl-7-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/product/content.crt\nRepo rhui-rhel-server-rhui-rhscl-7-source-rpms forced skip_if_unavailable=True due to: /etc/pki/rhui/key.pem\nYou need to be root to perform this command.\n", "rc": 1, "results": ["Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-\n              : manager\n"]}

[Dick Visser]

The default become_method is sudo, and since you don't have that
available, you can't "become", and hence you can't install a package.
But, you don't HAVE to use sudo, it's just the default.
You already have an alternative privilege escalation option (dzdo).
I'd try using that first, because it is supported by ansible:

https://docs.ansible.com/ansible/latest/plugins/become/dzdo.html

Also read https://docs.ansible.com/ansible/latest/plugins/become.html#become-plugins

Or maybe even start with
https://docs.ansible.com/ansible/latest/user_guide/become.html



Dick

> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a3252423-13d5-4ee1-bde9-14e4092c5253%40googlegroups.com.



--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

[Jeremy Njock]

Thanks for your reply.

I tried to use dzdo as become option:

- name: Install sudo
  yum:
    name:

sudo
  become: dzdo

But I encounter the same issue message.

Op donderdag 6 februari 2020 09:33:01 UTC+1 schreef Jeremy Njock:

[Stefan Hornburg (Racke)]

On 2/6/20 10:43 AM, Jeremy Njock wrote:
> Thanks for your reply.
>
> I tried to use dzdo as become option:
> |
> -name:Installsudo
>   yum:
>     name:sudo
>   become:dzdo
> |
>
> But I encounter the same issue message.

Small wonder as you apparently failed to read or understand the documentation :-/

I suppose it should be something like:

become: yes
become_method: dzdo
become_user: root
become_flags: 'su -'

Regards
Racke

>
> Op donderdag 6 februari 2020 09:33:01 UTC+1 schreef Jeremy Njock:
>
> I have an ansible playbook, wich connects to a remote server.

> On that remote server sudo is not installed. I can only gather root access with running *dzdo su - *in terminal.

> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to

> ansible-proje...@googlegroups.com <mailto:ansible-proje...@googlegroups.com>.

> To view this discussion on the web visit

> https://groups.google.com/d/msgid/ansible-project/d061a274-d561-478c-b20d-7fdffa637a6a%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/d061a274-d561-478c-b20d-7fdffa637a6a%40googlegroups.com?utm_medium=email&utm_source=footer>.


--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.