Another update, I use 'su root' and can access to: /home/[userX]/.ansible but got permission denied when open tmp or cp directories.
On Friday, April 6, 2018 at 12:48:33 PM UTC-7, Quang Truong wrote: > > Dear all, > > I'm new to ansible and system admin on linux, I have a problem that I > don't understand what happen behind the scene. > > Here is my scenario: > > - I create a kvm (machine B) on my host machine, this is also an ansible > control machine (machine A) > - Then copy the ssh key of the user (user X with sudoer) I will run > ansible playbook from A to B > - I can run playbook with become privilege, in my playbook I install NIS > and setup B to join my network domain (bind with a dns server) > - Then now the problem happen, I can't run playbook from A to B anymore > with userX > > Below are the problems: > + When I put become: true (use default become_user, should be root) for > all tasks then playbook can't gather facts from B, I got Permission denied > when gathering facts > /usr/bin/python: can't open file > '/home/[*userX*]/.ansible/tmp/ansible-tmp-1523038454.61-125714211155466/setup.py': > > [Errno 13] Permission denied > + When I move become: true to individual task, then I have same > Permission denied > /usr/bin/python: can't open file > '/home/[*userX*]/.ansible/tmp/ansible-tmp-1523040035.49-151403862005878/apt.py': > > [Errno 13] Permission denied > + When I try to elevate to exact user X with become_user: userX, seems > this user doesn't have proper permission > "changed": false, "msg": "Failed to lock apt for exclusive operation" > > Seems I have some problems: > - root user didn't setup properly on B so it can't access to /home/[ > *userX*] directory (I read some instruction said that use 'HOME=/root > ansible-playbook my_pb.yml ...' but still failed: OSError: [Errno 13] > Permission denied: '~/.ansible/tmp') > - not sure what happen with userX but it can't execute sudo via ansible on > B (although I tried to ssh with userX on B and do some sudo tasks such as > apt-get install) > > Please help to tell if I have miss any configurations (I think during the > kvm creation, I miss some steps here) > > Thanks, > Quang > > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/fd12c52a-26c7-4dc5-b4f2-3d3834fb1653%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.