Hi John; Thanks for the suggestion, but nope: with that line commented out in sudoers (so that only the one with NOPASSWD is in effect", the error is the same.
"Failed to stop httpd.service: Interactive authentication required." Besides, I'd have thought that the latter statement would have overridden the former statement anyways, in a top-to-bottom processing. So, still scratching my head... Tim On Sunday, March 20, 2016 at 5:31:39 PM UTC-4, John Favorite wrote: > > comment out > > #%wheel ALL=(ALL) ALL > > ## Same thing without a password > %wheel ALL=(ALL) NOPASSWD: ALL > > On Sun, Mar 20, 2016 at 4:11 PM, TJG <[email protected] <javascript:>> > wrote: > > Hi all; > > > > Just looking for a little help to spot what I might be missing. Against > a > > Centos 7 box, using Ansible 2.1.0, this task: > > > > - name: restart httpd > > service: > > name: httpd > > state: restarted > > > > is giving me an "Interactive authentication required." error when run > under > > Ansible 2.1.0 via: > > > > ansible-playbook -i inventory test.yml --sudo --ask-sudo-pass > > --ask-become-pass --sudo -vvvv > > > > > > My playbook is set with: > > > > # The user that logs into the machine > > remote_user: apps > > > > # Indicates that we also want to be become the user we log in as, for > > running tasks > > # (otherwise the user defaults to root) > > become: yes > > become_user: apps > > > > > > and on the Centos 7 box, my "apps" user is in the "wheel" group, and the > > wheel group is covered with sudoer permissions as follows: > > > > ## Allows people in group wheel to run all commands > > %wheel ALL=(ALL) ALL > > > > ## Same thing without a password > > %wheel ALL=(ALL) NOPASSWD: ALL > > > > > > I understood that with my playbook set to use "become", and > "become_user", > > that this task would run as sudo? > > > > So, why the "Interactive authentication required" error? > > > > Of course, I can resort to: > > > > - name: Restart apache > > shell: sudo systemctl restart httpd > > > > > > which doesn't prompt me, but I'd like to understand why the advocated > method > > isn't observing that I'm running under sudo? > > > > Many thanks, > > Tim > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "Ansible Project" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > To post to this group, send email to [email protected] > <javascript:>. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/ansible-project/3946a8b4-7869-499f-b139-d33c8478ca30%40googlegroups.com. > > > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/fe9501e5-8c46-41b9-a9c2-ab961430d8de%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
