Use become:true next line of hosts at header. On Thu, Sep 12, 2019, 6:03 PM Dick Visser <[email protected]> wrote:
> That is correct, ansible is hard (or impossible) to use with such a > restrictive environment: > > https://docs.ansible.com/ansible/latest/user_guide/become.html#id13 > > > On Thu, 12 Sep 2019 at 14:19, 'Torsten Lorenz' via Ansible Project < > [email protected]> wrote: > >> Hi, thanks for your answer. >> >> >> the user is allowed to use sudo. If i change my playbook to: >> >> tasks: >> >> - name: restart Filebeat per Command >> shell: "sudo /usr/bin/systemctl start filebeat.service >> filebeat.service" >> >> >> its working, but thats not more than a workarround.... >> >> I think the problem is, that the sudo-template exactly contains the >> command "/usr/bin/systemctl * filebeat.service filebeat.service" an >> ansible uses any other command to start/stop the service >> >> >> greetz >> >> >> >> Am Donnerstag, 12. September 2019 13:47:40 UTC+2 schrieb Torsten Lorenz: >>> >>> Hi @ all, >>> >>> i try to start/stop a service with ansible adn need to execute the >>> comand with sudo: >>> >>> executing >>> "sudo /usr/bin/systemctl start filebeat.service" >>> >>> works pretty fine, but i would like to use the service-modul. >>> >>> My playbook looks like this: >>> >>> >>> - >>> name: testplay >>> hosts: hostname >>> >>> tasks: >>> - name: stop filebeat >>> become: true >>> become_method: sudo >>> become_user: root >>> service: >>> name: filebeat.service >>> state: stopped >>> >>> >>> >>> i get this error: >>> >>> ASK [stop filebeat] >>> ************************************************************************************************************************************************************************************************************************ >>> fatal: [vlq23007]: FAILED! => {"changed": false, "module_stderr": >>> "Shared connection to hostname closed.\r\n", "module_stdout": "Sorry, user >>> sudouser is not allowed to execute '/bin/sh -c echo >>> BECOME-SUCCESS-sodoffndzuoxshzljbtmzwmyfysryhkf; /usr/bin/python >>> /home/sudouser/.ansible/tmp/ansible-tmp-1568288715.75-4453183611448/systemd.py; >>> rm -rf >>> \"/home/sudouser/.ansible/tmp/ansible-tmp-1568288715.75-4453183611448/\" > >>> /dev/null 2>&1' as root on hostname.\r\n", "msg": "MODULE FAILURE", "rc": 1} >>> >>> >>> >>> Are there any ideas how to fix it? >>> >>> greetz >>> >>> Torsten >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/73be629f-8e1b-48c6-b213-58cd4688d0ff%40googlegroups.com >> <https://groups.google.com/d/msgid/ansible-project/73be629f-8e1b-48c6-b213-58cd4688d0ff%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > -- > Sent from a mobile device - please excuse the brevity, spelling and > punctuation. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAL8fbwPmUR0HXCipbkpOsdNqKED-Bp-wk-Dg8%3DLZ3YK7eR03Ng%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAL8fbwPmUR0HXCipbkpOsdNqKED-Bp-wk-Dg8%3DLZ3YK7eR03Ng%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CACYuvzobNpMEvHvw0KQLCbC0McG6J4YATBu58dF-810u8dXGBQ%40mail.gmail.com.
