issue using become (to sudo su - msp" - Pl Help

56 views
Skip to first unread message

Srinivas Kuncham

unread,
Mar 17, 2016, 8:10:17 AM3/17/16
to Ansible Project

Hi All,
I am facing issues with being able to login with my credentials and then sudo (become) msp user.. 
When I manually ssh to the test_server, I use the command "sudo su - msp" to switch user and run few commands. But it doesnt seem to be working with ansibal.

Can someone please help?


Playbook:
- hosts: test_servers
  become: yes
  tasks:
  - shell: whoami
  
Command to run:
ansible-playbook b02.yml -u fn.last --ask-pass

cfg Entries:
[privilege_escalation]
become=True
become_method=sudo
become_user=msp
become_ask_pass=True

Output
$ ansible-playbook b02.yml -u fn.last --ask-pass
SSH password:
SUDO password[defaults to SSH password]:

PLAY [test_servers] ************************************************************

TASK [setup] *******************************************************************
fatal: [10.6.48.231]: FAILED! => {"changed": false, "failed": true, "module_stderr": "", "module_stdout": "\r\nSorry, user fn.last is not allowed to execute '/bin/sh -c echo BECOME-SUCCESS-glazbpbnkugukpfbzcrgnqvrudvwsevw; LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /opt/msp/pkg/python/bin/python /tmp/ansible-tmp-1458116615.7-96652222108952/setup' as msp on LQASEDCODAP008V.\r\n", "msg": "MODULE FAILURE", "parsed": false}

NO MORE HOSTS LEFT *************************************************************
to retry, use: --limit @b02.retry

PLAY RECAP *********************************************************************
10.6.48.231                : ok=0    changed=0    unreachable=0    failed=1

TIA
Srini

Brian Coca

unread,
Mar 17, 2016, 6:07:03 PM3/17/16
to ansible...@googlegroups.com
`sudo su` does not work, you need to be able to use sudo to run any command as msp.

http://docs.ansible.com/ansible/become.html <= read notes

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4496f5be-5fcf-4b7e-b102-1b8e9ee6137f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.



--
----------
Brian Coca
Reply all
Reply to author
Forward
0 new messages