Hi, I want to use Ansible to a target using an ssh connection and a restricted shell....
I have setup gather_facts: false in my playbook, but even then Ansible is trying to guess the discovered_interpreter_python and returns an error because this is not allowed in the restricted shell. <sec_system> Attempting python interpreter discovery <sec_system> ESTABLISH SSH CONNECTION FOR USER: secadmin <sec_system> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="padmin"' -o ConnectTimeout=10 -o ControlPath=/home/user/.ansible/cp/7c17f9a5a6 sec_system '/bin/sh -c '"'"'echo PLATFORM; uname; echo FOUND; command -v '"'"'"'"'"'"'"'"'/usr/bin/python'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.7'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.6'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python3.5'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python2.7'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python2.6'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'/usr/libexec/platform-python'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'/usr/bin/python3'"'"'"'"'"'"'"'"'; command -v '"'"'"'"'"'"'"'"'python'"'"'"'"'"'"'"'"'; echo ENDFOUND && sleep 0'"'"'' <sec_system> (1, b'', b'rksh: /bin/sh: 0403-019 The operation is not allowed in a restricted shell.\n') <sec_system> Failed to connect to the host via ssh: rksh: /bin/sh: 0403-019 The operation is not allowed in a restricted shell. So infact ansible is trying to /bin/sh -c into the system and this is not allowed.... Does anybody know how to prevent this check so I can use the raw command ? Regards, Tom ansible --version ansible 2.8.0 config file = /home/user/git/ansible_project/etc/ansible.cfg configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.6/site-packages/ansible executable location = /usr/local/bin/ansible python version = 3.6.8 (default, Apr 25 2019, 21:02:35) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)] -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/679ca2b4-f2da-499f-a50b-cb09847cd89c%40googlegroups.com.
