On Thu, 12 Sep 2019 04:47:39 -0700 (PDT) "'Torsten Lorenz' via Ansible Project" <[email protected]> wrote:
> executing
> "sudo /usr/bin/systemctl start filebeat.service"
> works pretty fine, but i would like to use the service-modul.
>
> My playbook looks like this:
> - name: testplay
> hosts: hostname
>
> tasks:
> - name: stop filebeat
> become: true
> become_method: sudo
> become_user: root
> service:
> name: filebeat.service
> state: stopped
>
> ASK [stop filebeat]
> fatal: [vlq23007]: FAILED! => {"changed": false, "module_stderr": "Shared
> connection to hostname closed.\r\n", "module_stdout": "Sorry, user sudouser
> is not allowed to execute '/bin/sh -c echo
> BECOME-SUCCESS-sodoffndzuoxshzljbtmzwmyfysryhkf; /usr/bin/python
> /home/sudouser/.ansible/tmp/ansible-tmp-1568288715.75-4453183611448/systemd.py;
>
> rm -rf
> \"/home/sudouser/.ansible/tmp/ansible-tmp-1568288715.75-4453183611448/\" >
> /dev/null 2>&1' as root on hostname.\r\n", "msg": "MODULE FAILURE", "rc": 1}
Make sure user "sudouser" is able to become root with "sudo su".
me@master: ssh sudouser@hostname
sudouser@hostname: sudo su
root@hostname:
Take a look at /etc/sudoers. You can run "sudo /usr/bin/systemctl ..."
because this command it's specifically allowed, I guess.
HTH, Cheers,
-vlado
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20190912141514.1c059da3%40gmail.com.
pgpZ_58wdnIk7.pgp
Description: OpenPGP digital signature
