Hello,
Thanks for the e-mail. I have figured out the problem.
---
- hosts: all
#become: yes
#become_user: "{{ username }}"
#become_method: sudo
- import_playbook: ../../main.yml
In the above case, becoming as another user is of no use. Once I have
imported playbook ( ie., main.yml ), it was running as vagrant user
somehow. So I have commented it out. Once I have added like this in
../../main.yml, then everything is working fine. main.yml is the one which
downloads and adds ssh keys.
$ head -6 ../../main.yml
---
- hosts: all
become: yes
become_user: "{{ username }}"
become_method: sudo
On Sun, 21 Jun 2020 at 12:25, Dick Visser <[email protected]> wrote:
> This is probably because the parent directory isn't there, and user mrajaa
> doesn't have permission create it.
> I don't see any task to create that user.
> Those steps are missing from your playbook (or you didn't post them)
>
>
>
> On Sat, 20 Jun 2020 at 18:22, Mukuntha rajaa <[email protected]>
> wrote:
>
>> Hello,
>>
>> *Problem:*
>> Via inventory, I am logging as "vagrant" user. I am trying to switch to
>> another-user and then create .ssh directory with owner and group as this
>> another-user. It is failing saying permission denied.
>>
>> TASK [Ensure dot-ssh directory exists]
>> *********************************************************************************************
>> fatal: [192.168.99.105]: FAILED! => {"changed": false, "msg": "There was
>> an issue creating /home/mrajaa/.ssh as requested: [Errno 13] *Permission
>> denied*: b'/home/mrajaa/.ssh'", "path": "/home/mrajaa/.ssh/"}
>>
>> "vagrant" user has sudo permission in the target cluster.
>>
>> sudo cat /etc/sudoers.d/vagrant-nopasswd
>> vagrant ALL=(ALL) NOPASSWD: ALL
>>
>>
>> *Problem in detail:*
>> I am trying to run a playbook on vagrant-provisioned-virtualbox, like
>>
>> ap -i inventory-ansible main.yml --ask-vault-pass
>>
>> Inventory is like this,
>>
>> [vagrant-demo]
>> 192.168.99.105
>>
>>
>> [vagrant-demo:vars]
>> ansible_user=vagrant
>> ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
>>
>>
>> $ cat main.yml
>> ---
>> - import_playbook: provision.yml
>> - import_playbook: configure.yml
>>
>>
>>
>> And I am swithching to another user at playbook level, so that all the
>> further install and configure goes as expected.
>>
>> $ head -20 configure.yml
>> ---
>> - hosts: all
>> become: true
>> become_user: '{{ username }}'
>> become_method: sudo
>> - import_playbook: ../../main.yml
>>
>>
>> head -30 ../../main.yml
>> ---
>> - hosts: all
>>
>> vars_files:
>> - vars/vars.yml
>> - vars/repos.yml
>> - vars/curlrepos.yml
>> - vars/token.yml
>> - vars/gitrepos.yml
>>
>> pre_tasks:
>> - import_tasks: tasks/sshkeys.yml
>>
>>
>>
>> And it is failing, while executing sshkeys task.
>>
>> $ cat ../../tasks/sshkeys.yml
>> ---
>> - name: Ensure dot-ssh directory exists
>> file:
>> path: "{{ ssh_dir }}"
>> state: directory
>> mode: 700
>> owner: "{{ username }}"
>> group: "{{ username }}"
>>
>>
>> Can you please clarify, how to get this right.
>>
>> Thanks and regards,
>> Mukuntha Rajaa.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/e02c741c-7f07-4644-a538-cb7af711248fo%40googlegroups.com
>> <https://groups.google.com/d/msgid/ansible-project/e02c741c-7f07-4644-a538-cb7af711248fo%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> Sent from a mobile device - please excuse the brevity, spelling and
> punctuation.
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/V7eoLQ-V3cc/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL8fbwNQBWHt31k1VQB8WqdkGwM7x-rtDdHJU%3D%3DbEUjiZMMt%2Bw%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAL8fbwNQBWHt31k1VQB8WqdkGwM7x-rtDdHJU%3D%3DbEUjiZMMt%2Bw%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAD2erzd4S0H3OHJrgA5mHz9Lp8_vNdZbRc013Yg1e4CxiZxXjQ%40mail.gmail.com.
