If i do a "--become-user MYUSERNAME it does not time out and executes
properly.
ie.
MYUSERNAME@ANSIBLESERVER ~]$ ansible TARGETHOSTGROUP -b -k -K -i
/etc/ansible/inventory/ -m ping --become-user MYUSERNAME
I exist on both systems. and authenticate via ldap.
somebody explain why I have to become myself.
On Wednesday, February 23, 2022 at 12:49:48 PM UTC-6 Anthony Cygne wrote:
> tail -f messages secure
>
>
> {with ansible}
> ==> messages <==
> Feb 23 18:46:31 alcp-im1 sshd[30107]: rexec line 141: Deprecated option
> RhostsRSAAuthentication
>
> ==> secure <==
> Feb 23 18:46:31 alcp-im1 sshd[30107]: rexec line 141: Deprecated option
> RhostsRSAAuthentication
> Feb 23 18:46:31 alcp-im1 sshd[30107]: FIPS mode initialized
> Feb 23 18:46:31 alcp-im1 sshd[30107]: reprocess config line 141:
> Deprecated option RhostsRSAAuthentication
> Feb 23 18:46:31 alcp-im1 sshd[30107]: pam_sss(sshd:auth): authentication
> success; logname= uid=0 euid=0 tty=ssh ruser= rhost=alip-util1.nrtio.com
> user=acygne-admin
> Feb 23 18:46:31 alcp-im1 sshd[30107]: Accepted password for acygne-admin
> from 172.20.60.30 port 54870 ssh2
>
> ==> messages <==
> Feb 23 18:46:31 alcp-im1 systemd-logind: New session 7242 of user
> acygne-admin.
>
> ==> secure <==
> Feb 23 18:46:31 alcp-im1 systemd-logind: New session 7242 of user
> acygne-admin.
>
> ==> messages <==
> Feb 23 18:46:31 alcp-im1 systemd: Started Session 7242 of user
> acygne-admin.
>
> ==> secure <==
> Feb 23 18:46:31 alcp-im1 sshd[30107]: pam_unix(sshd:session): session
> opened for user acygne-admin by (uid=0)
>
>
>
>
>
>
> {manual ssh and elevate}
> Feb 23 18:47:49 alcp-im1 sshd[30112]: Received disconnect from
> 172.20.60.30 port 54870:11: disconnected by user
> Feb 23 18:47:49 alcp-im1 sshd[30112]: Disconnected from 172.20.60.30 port
> 54870
> Feb 23 18:47:49 alcp-im1 sshd[30107]: pam_unix(sshd:session): session
> closed for user acygne-admin
>
> ==> messages <==
> Feb 23 18:47:49 alcp-im1 systemd-logind: Removed session 7242.
>
> ==> secure <==
> Feb 23 18:47:49 alcp-im1 systemd-logind: Removed session 7242.
>
> ==> messages <==
> Feb 23 18:47:54 alcp-im1 sshd[30301]: rexec line 141: Deprecated option
> RhostsRSAAuthentication
>
> ==> secure <==
> Feb 23 18:47:54 alcp-im1 sshd[30301]: rexec line 141: Deprecated option
> RhostsRSAAuthentication
> Feb 23 18:47:54 alcp-im1 sshd[30301]: FIPS mode initialized
> Feb 23 18:47:54 alcp-im1 sshd[30301]: reprocess config line 141:
> Deprecated option RhostsRSAAuthentication
> Feb 23 18:47:57 alcp-im1 sshd[30301]: pam_sss(sshd:auth): authentication
> success; logname= uid=0 euid=0 tty=ssh ruser= rhost=alip-util1.nrtio.com
> user=acygne-admin
> Feb 23 18:47:57 alcp-im1 sshd[30301]: Accepted password for acygne-admin
> from 172.20.60.30 port 55028 ssh2
>
> ==> messages <==
> Feb 23 18:47:57 alcp-im1 systemd-logind: New session 7243 of user
> acygne-admin.
>
> ==> secure <==
> Feb 23 18:47:57 alcp-im1 systemd-logind: New session 7243 of user
> acygne-admin.
>
> ==> messages <==
> Feb 23 18:47:57 alcp-im1 systemd: Started Session 7243 of user
> acygne-admin.
>
> ==> secure <==
> Feb 23 18:47:57 alcp-im1 sshd[30301]: pam_unix(sshd:session): session
> opened for user acygne-admin by (uid=0)
> Feb 23 18:48:04 alcp-im1 sudo: pam_sss(sudo:auth): authentication success;
> logname=acygne-admin uid=1208001658 euid=0 tty=/dev/pts/1
> ruser=acygne-admin rhost= user=acygne-admin
> Feb 23 18:48:04 alcp-im1 sudo: acygne-admin : TTY=pts/1 ;
> PWD=/home/acygne-admin ; USER=root ; COMMAND=/bin/su
> Feb 23 18:48:04 alcp-im1 sudo: pam_unix(sudo:session): session opened for
> user root by acygne-admin(uid=0)
>
> ==> messages <==
> Feb 23 18:48:04 alcp-im1 su: (to root) acygne-admin on pts/1
>
> ==> secure <==
> Feb 23 18:48:04 alcp-im1 su: (to root) acygne-admin on pts/1
> Feb 23 18:48:04 alcp-im1 su: pam_unix(su:session): session opened for user
> root by acygne-admin(uid=0)
>
>
>
>
> On Wednesday, February 23, 2022 at 9:48:16 AM UTC-6 Anthony Cygne wrote:
>
>> | FAILED! => {
>> "msg": "Timeout (17s) waiting for privilege escalation prompt: "
>> }
>>
>> I can manually elevate with the correct same password. But not with
>> ansible. Same playbook works fine for others.
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/4b3df1b0-fa08-4a96-8a31-b3e29843ec25n%40googlegroups.com.
