In our org, privileged access is provided in the following way For switching to the root user on DEV boxes,
*sudo bash* For executing specific sudo commands, prefeix sudo to the command. Example * sudo yum install git* For switching to a different user account, use sudo su *sudo su username* I know that ansible doesn't support this chaining very well(at least with old versions) I'm currently using the below custom *su_exe *script to support this *#!/bin/sh* *if [ $1 == "root" ]; then* * #get rid of root -c* * shift 2* * sudo bash -c "$@"* *else* * sudo su "$@"* *fi* I have the below configuration in ansible.cfg *[defaults]* *executable = /bin/bash* *host_key_checking = False* *su_exe = ~/su.sh* The playbook copies su.sh (the su executable) to the user's home directory before triggering any task which has su set to yes Are there any possible flaws in the way I'm trying to do this? Since su and sudo are deprecated, is there a way to do something similar using Ansible's become? I'm currently using ansible-1.9.4-1.el6.noarch and I'm looking for a better way to accomplish the same :) -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c369b880-b1ea-477f-b09a-7589b4be8275%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
