I use following which works for me
sudo: yes
but user has sudo to ALL prilvilges
On Thursday, 15 October 2015 21:20:21 UTC+5:30, Kevin Jaquier wrote:
>
> I'm having trouble executing my script from a user with sudo access
> instead of root.
>
> I'm getting "permission denied" errors when playing the playbook, but if I
> execute the commands manually on the server it works just fine.
> I did use "become" to execute the tasks with sudo and the right user.
>
> The (relevant part of the) playbook :
>
> ---
> - hosts: all
> remote_user: "{{ user }}"
> become: yes
> become_user: "{{ user }}"
> become_method: sudo
>
>
> tasks:
>
>
> - name: Install useful system tools
> apt: name={{ item }} state=present
> with_items:
> - vim
> - nano
> - htop
> - git
> - subversion
> - tig
> - ncdu
> - nodejs-legacy
> - npm
> - mesa-utils
>
>
>
> Ansible output :
>
> $ ansible-playbook -K -i test site.yml -vvvv
> SUDO password:
>
>
> PLAY [all]
> ********************************************************************
>
>
> GATHERING FACTS
> ***************************************************************
> <[the server address]> ESTABLISH CONNECTION FOR USER: [the user name]
> <[the server address]> REMOTE_MODULE setup
> <[the server address]> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
> ControlPersist=60s -o ControlPath=
> "/home/kevin/.ansible/cp/ansible-ssh-%h-%p-%r" -o
> KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-
> mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User
> =[the user name] -o ConnectTimeout=10 [the server address] /bin/sh -c
> 'mkdir
> -p /tmp/ansible-tmp-1444921321.94-213782579685333 && chmod a+rx
> /tmp/ansible-tmp-1444921321.94-213782579685333 && echo
> /tmp/ansible-tmp-1444921321.94-213782579685333'
> <[the server address]> PUT /tmp/tmpk_hOEu TO /tmp/ansible-tmp-
> 1444921321.94-213782579685333/setup
> <[the server address]> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
> ControlPersist=60s -o ControlPath=
> "/home/kevin/.ansible/cp/ansible-ssh-%h-%p-%r" -o
> KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-
> mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User
> =[the user name] -o ConnectTimeout=10 [the server address] /bin/sh -c 'chmod
> a+r /tmp/ansible-tmp-1444921321.94-213782579685333/setup'
> <[the server address]> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
> ControlPersist=60s -o ControlPath=
> "/home/kevin/.ansible/cp/ansible-ssh-%h-%p-%r" -o
> KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-
> mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User
> =[the user name] -o ConnectTimeout=10 [the server address] /bin/sh -c
> 'sudo
> -k && sudo -H -S -p "[sudo via ansible,
> key=upzdhdqqnkqtecoipruvaisazfdvjubv] password: " -u [the user name]
> /bin/sh -c '"'"'echo BECOME-SUCCESS-upzdhdqqnkqtecoipruvaisazfdvjubv;
> LANG=C LC_CTYPE=C /usr/bin/python
> /tmp/ansible-tmp-1444921321.94-213782579685333/setup'"'"''
> <[the server address]> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
> ControlPersist=60s -o ControlPath=
> "/home/kevin/.ansible/cp/ansible-ssh-%h-%p-%r" -o
> KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-
> mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User
> =[the user name] -o ConnectTimeout=10 [the server address] /bin/sh -c 'rm
> -rf /tmp/ansible-tmp-1444921321.94-213782579685333/ >/dev/null 2>&1'
> ok: [[the server address]]
>
>
> TASK: [Install useful system tools]
> *******************************************
> <[the server address]> ESTABLISH CONNECTION FOR USER: [the user name]
> <[the server address]> REMOTE_MODULE apt name=vim,nano,htop,git,subversion
> ,tig,ncdu,nodejs-legacy,npm state=present
> <[the server address]> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
> ControlPersist=60s -o ControlPath=
> "/home/kevin/.ansible/cp/ansible-ssh-%h-%p-%r" -o
> KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-
> mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User
> =[the user name] -o ConnectTimeout=10 [the server address] /bin/sh -c
> 'mkdir
> -p /tmp/ansible-tmp-1444921350.8-23676536
> ...
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/5cbfa0b2-2a7c-40b8-8b77-ab7c6d633893%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
