How to achieve sudo su - root and run all commands in Ansible


Ganesh Batwal

Aug 4, 2017, 7:27:28 AM
to Ansible Project
Hi All,
We are not able to switch the Ansible playbook connection to the root ID, e.g. "sudo su -", and then execute the privileged commands. Kindly check and advise on the correct approach.


Error message: "Sorry, user ganeshbatwal is not allowed to execute '/bin/sh -c echo BECOME-SUCCESS-ztghielsvyhxrzkvxzgqwsdmhgebdjrd;

Kindly note: Due to security reasons we have blocked "/bin/sh -c" execution in the sudo configuration.


ansible-playbook passwd_never_expiry.yml --ask-become-pass
SUDO password:

PLAY [172.28.43.87] ************************************************************

TASK [setup] *******************************************************************
fatal: [172.28.43.87]: FAILED! => {"changed": false, "failed": true, "module_stderr": "Shared connection to 172.28.43.87 closed.\r\n", "module_stdout": "Sorry, user ganeshbatwal is not allowed to execute '/bin/sh -c echo BECOME-SUCCESS-legcrwpoindiydrchivdirlopufgmioc; /usr/bin/python /home/ganeshbatwal/.ansible/tmp/ansible-tmp-1501845852.66-214235381292662/setup.py; rm -rf \"/home/ganeshbatwal/.ansible/tmp/ansible-tmp-1501845852.66-214235381292662/\" > /dev/null 2>&1' as root on jet-netline-websrvtestn2.jetairways.com.\r\n", "msg": "MODULE FAILURE"}
 [WARNING]: Could not create retry file '/etc/ansible/passwd_never_expiry.retry'.         [Errno 13] Permission denied:
u'/etc/ansible/passwd_never_expiry.retry'


PLAY RECAP *********************************************************************
172.28.43.87               : ok=0    changed=0    unreachable=0    failed=1  





Playbook details:

cat passwd_never_expiry.yml
---
  - hosts: 172.28.43.87
    become: yes
    become_user: root
    become_method: sudo
    tasks:
        - name: Setting the password never expiry settings
          shell: chage -I -1 -m 0 -M 99999 -E -1 cargo


 

Ganesh Batwal

Aug 4, 2017, 7:36:02 AM
to Ansible Project
The below-mentioned command is working fine at the command prompt. How to configure the same via a playbook?


ansible 172.28.43.87 -m shell -a 'sudo chage -I -1 -m 0 -M 99999 -E -1 netline' --become-user=root
172.28.43.87 | SUCCESS | rc=0 >>

Utkarsh Sharma

Apr 17, 2018, 10:40:24 AM
to Ansible Project
Team, I am also facing the same issue. It works using the raw module but not in the playbook.

