[ansible-project] On my remote host the user install is limited to sudo su -

Fri, 11 Oct 2019 08:50:58 -0700 


On my remote host the user install is limited to sudo su -

/etc/sudoers

%install ALL=(ALL) /bin/su -

--> hosts
[ibmcloud_msbms]
ibmcloud_msbms-01 ansible_port=22 ansible_host=192.168.0.24 
ansible_user=install root_path=/root os=redhat ansible_sudo_pass=xxxxx

--> playbook

   - name: "iotmsinstallinstall - all MSB runtimes."
   hosts: all
   pre_tasks: 
      - include_vars:
      file: inventories/common/vars.yml
      roles:
      - iotmsinstall
   
--> task

   - name: "iotmsinstall - create iot messagesight group"
   group:
   name: "{{ common.iotms.group }}"
   gid: "{{ common.iotms.gid }}"
   become: yes
   become_user: root
   become_method: su

when I now run ansible-playbook with

ansible-playbook -i inventories/environments/hosts -vvv --limit 
ibmcloud_msbms-01 01_msb_iotms_install.yml

Result:

TASK [iotmsinstall : iotmsinstall - create iot messagesight group] 
**********************************************************************************************************************************************************************************************************************************
task path: 
/root/msb/msb_ms_config/msb_ms_install/roles/iotmsinstall/tasks/main.yml:14
<169.62.188.24> ESTABLISH SSH CONNECTION FOR USER: install
<169.62.188.24> SSH: EXEC ssh -C -o ControlMaster=auto -o 
ControlPersist=60s -o Port=22 -o KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o 'User="install"' -o ConnectTimeout=10 -o 
ControlPath=/root/.ansible/cp/996142a655 169.62.188.24 '/bin/sh -c 
'"'"'echo ~install && sleep 0'"'"''
<169.62.188.24> (0, '/home/install\n', '')
<169.62.188.24> ESTABLISH SSH CONNECTION FOR USER: install
<169.62.188.24> SSH: EXEC ssh -C -o ControlMaster=auto -o 
ControlPersist=60s -o Port=22 -o KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o 'User="install"' -o ConnectTimeout=10 -o 
ControlPath=/root/.ansible/cp/996142a655 169.62.188.24 '/bin/sh -c '"'"'( 
umask 77 && mkdir -p "echo 
/home/install/.ansible/tmp/ansible-tmp-1570807943.55-244746696635726" && 
echo ansible-tmp-1570807943.55-244746696635726="echo 
/home/install/.ansible/tmp/ansible-tmp-1570807943.55-244746696635726" ) && 
sleep 0'"'"''
<169.62.188.24> (0, 
'ansible-tmp-1570807943.55-244746696635726=/home/install/.ansible/tmp/ansible-tmp-1570807943.55-244746696635726\n',
 
'')
Using module file 
/usr/lib/python2.7/site-packages/ansible/modules/system/group.py
<169.62.188.24> PUT /root/.ansible/tmp/ansible-local-8491uuQPyt/tmpjP3jQp 
TO 
/home/install/.ansible/tmp/ansible-tmp-1570807943.55-244746696635726/AnsiballZ_group.py
<169.62.188.24> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o 
ControlPersist=60s -o Port=22 -o KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o 'User="install"' -o ConnectTimeout=10 -o 
ControlPath=/root/.ansible/cp/996142a655 '[169.62.188.24]'
<169.62.188.24> (0, 'sftp> put 
/root/.ansible/tmp/ansible-local-8491uuQPyt/tmpjP3jQp 
/home/install/.ansible/tmp/ansible-tmp-1570807943.55-244746696635726/AnsiballZ_group.py\n',
 
'')
<169.62.188.24> ESTABLISH SSH CONNECTION FOR USER: install
<169.62.188.24> SSH: EXEC ssh -C -o ControlMaster=auto -o 
ControlPersist=60s -o Port=22 -o KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o 'User="install"' -o ConnectTimeout=10 -o 
ControlPath=/root/.ansible/cp/996142a655 169.62.188.24 '/bin/sh -c 
'"'"'chmod u+x 
/home/install/.ansible/tmp/ansible-tmp-1570807943.55-244746696635726/ 
/home/install/.ansible/tmp/ansible-tmp-1570807943.55-244746696635726/AnsiballZ_group.py
 
&& sleep 0'"'"''
<169.62.188.24> (0, '', '')
<169.62.188.24> ESTABLISH SSH CONNECTION FOR USER: install
<169.62.188.24> SSH: EXEC ssh -C -o ControlMaster=auto -o 
ControlPersist=60s -o Port=22 -o KbdInteractiveAuthentication=no -o 
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey 
-o PasswordAuthentication=no -o 'User="install"' -o ConnectTimeout=10 -o 
ControlPath=/root/.ansible/cp/996142a655 -tt 169.62.188.24 '/bin/sh -c 
'"'"'su root -c '"'"'"'"'"'"'"'"'/bin/sh -c 
'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'echo 
BECOME-SUCCESS-lsokftpdokaikbgqbyxfswoeislvcsfg ; /usr/bin/python 
/home/install/.ansible/tmp/ansible-tmp-1570807943.55-244746696635726/AnsiballZ_group.py'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"'
 
&& sleep 0'"'"''
fatal: [ibmcloud_msbms-01]: FAILED! => {
"msg": "Timeout (12s) waiting for privilege escalation prompt: "
}
ISSUE TYPE 
   
   - Bug Report or Question

ANSIBLE VERSION 

ansible 2.8.5
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Jun 20 2019, 20:27:34) [GCC 4.8.5 20150623 
(Red Hat 4.8.5-36)

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8bf58845-50a5-499f-9e8e-49b2fd54cff2%40googlegroups.com.

Reply via email to