Can't execute command with su

12 views
Skip to first unread message

adrien nayrat

unread,
Dec 15, 2014, 11:46:24 AM12/15/14
to ansible...@googlegroups.com
Hello,

I have an issue when using su mode in ansible. I wan't ansible to log with the user "bill" and execute command with the user root. So to log with "bill" and then do an "su root".

Ansible Version: 1.7.2
Environment: Centos 6

Steps To Reproduce:

Do a simple test with ping command :
ansible all -i host.txt -S -u bill --ask-su-pass --ask-pass -vvvv -f 1 -m ping



Actual Results:

The result is :
ESTABLISH CONNECTION FOR USER: bill
REMOTE_MODULE ping
EXEC ['sshpass', '-d6', 'ssh', '-C', '-tt', '-vvv', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r', '-o', 'StrictHostKeyChecking=no', '-o', 'Port=22', '-o', 'GSSAPIAuthentication=no', '-o', 'PubkeyAuthentication=no', '-o', 'User=bill', '-o', 'ConnectTimeout=10', 'server.com', "/bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1418638075.39-50125361119600 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1418638075.39-50125361119600 && echo $HOME/.ansible/tmp/ansible-tmp-1418638075.39-50125361119600'"]
PUT /tmp/tmptlkouT TO /home/bill/.ansible/tmp/ansible-tmp-1418638075.39-50125361119600/ping
EXEC ['sshpass', '-d6', 'ssh', '-C', '-tt', '-vvv', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r', '-o', 'StrictHostKeyChecking=no', '-o', 'Port=22', '-o', 'GSSAPIAuthentication=no', '-o', 'PubkeyAuthentication=no', '-o', 'User=bill', '-o', 'ConnectTimeout=10', 'server.com', u'/bin/sh -c \'su root -c "/bin/sh -c \'"\'"\'echo SUDO-SUCCESS-mlqtvpmqewypsiiaqunboskgbigmqyja; LANG=C LC_CTYPE=C /usr/bin/python /home/bill/.ansible/tmp/ansible-tmp-1418638075.39-50125361119600/ping; rm -rf /home/bill/.ansible/tmp/ansible-tmp-1418638075.39-50125361119600/ >/dev/null 2>&1\'"\'"\'"\'']

And ansible hang, nothing happen.
When I check the permissions of "/home/bill/.ansible/tmp/ansible-tmp-1418638075.39-50125361119600/ping" the file isn't executable by root :
-rw------- 1 bill bill 52K 15 déc. 11:07 ping
So when I try to execute manually "ping" I have a permission denied.

Why ansible doesn't create ping file in root HOME instead of bill home ?

Reply all
Reply to author
Forward
0 new messages