[ansible-project] Ansible reports “permission denied” when issuing command on remote host

Thu, 02 Jun 2016 10:12:55 -0700 


Ansible 2.1
Ansible host: Ubuntu 16.04
Remote host: CentOS 6.5


I have a simple ansible project:

├── hosts
├── roles
│   └── setup
│       ├── defaults
│       │   └── main.yml
│       ├── tasks
│       │   └── main.yml
│       └── templates
│           └── automation-agent.config.j2
└── site.yml


Command I used to run playbook:

ansible-playbook -i hosts site.yml --user admin --ask-pass


On the remote host, I have set up user admin with root priviledge:

root    ALL=(ALL)       ALL
admin   ALL=(ALL)       ALL


However, one of the playbook tasks ran into issue:

- name: Back up Automation Agent config file if exists
  command: mv /etc/mongodb-mms/automation-agent.config 
/etc/mongodb-mms/automation-agent.config.bak

Ansible reports:

TASK [setup : Back up Automation Agent config file if exists] ******************
fatal: [192.168.241.135]: FAILED! => {"changed": true, "cmd": ["mv", 
"/etc/mongodb-mms/automation-agent.config", 
"/etc/mongodb-mms/automation-agent.config.bak"], "delta": "0:00:00.002588", 
"end": "2016-06-01 22:57:55.577158", "failed": true, "rc": 1, "start": 
"2016-06-01 22:57:55.574570", "stderr": "mv: cannot move 
`/etc/mongodb-mms/automation-agent.config' to 
`/etc/mongodb-mms/automation-agent.config.bak': Permission denied", "stdout": 
"", "stdout_lines": [], "warnings": []}


Noted that permission setting on /etc/mongodb-mms/automation-agent.config
 is 0600

-rw-------. 1 mongod mongod 313 Jun 1 04:48 automation-agent.config


Apparently one would need sudo priviledge to make changes to this file. I 
have tried Ansible's --become and --become-user, but not having success.

ansible-playbook -i hosts site.yml --user admin --ask-pass --become 
--become-user admin



What should I do in Ansible to gain sudo and make changes to that file?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b763d95e-fb42-4ea9-b773-1ae6addc5b87%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to