On 14/06/2022 10:21, 'Shivakumar Venkataswamy' via Ansible Project wrote:
ansible is user account we created and member of sudor's ( /etc/sudoers) with full privileges' same as root.
IMHO the privileges are only the same when using the "sudo" command. Regards Racke
On Tuesday, 14 June 2022 at 13:16:48 UTC+5:30 [email protected] wrote: On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project wrote: > Hi team, > look at my playbook > --- > - hosts: all > become: true > become_user: ansible > tasks: > - name: add a user to the list of AllowUsers if not present > vars: > usernames: > - shivakumar.venkataswamy > - karthik.reddy > - aman.saxena > lineinfile: > path: /etc/ssh/sshd_config > backrefs: yes > backup: yes > state: absent > regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(?<!\s{{ usernames }}))+\s*?)(\n?)$' > line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy aman.saxena\2' > validate: /usr/sbin/sshd -t -f %s > Permission denied: '/etc/ssh/sshd_config' The ansible user can't edit the file, so try "become_user: root" in your task. Regards Racke > I'm facing below error, > SSH password: > 1 > BECOME password[defaults to SSH password]: > 2 > 3 > PLAY [all] *********************************************************************12:45:29 > 4 > 5 > TASK [Gathering Facts] *********************************************************12:45:29 > 6 > ok: [172.16.13.254] > 7 > 8 > TASK [add a user to the list of AllowUsers if not present] *********************12:45:31 > 9 > An exception occurred during task execution. To see the full traceback, use -vvv. The error was: IOError: [Errno 13] Permission denied: '/etc/ssh/sshd_config' > 10 > fatal: [172.16.13.254]: FAILED! => {"changed": false, "module_stderr": "Shared connection to 172.16.13.254 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 102, in <module>\r\n _ansiballz_main()\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 40, in invoke_module\r\n runpy.run_module(mod_name='ansible.modules.files.lineinfile', init_globals=None, run_name='__main__', alter_sys=True)\r\n File \"/usr/lib64/python2.7… > 11 > 12 > PLAY RECAP *********************************************************************12:45:32 > 13 > 172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0 > -- > You received this message because you are subscribed to the Google Groups "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com <https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email&utm_source=footer <https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email&utm_source=footer>>.-- Automation expert - Ansible and friendsLinux administrator & Debian maintainer Perl Dancer & conference hopper -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com <https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com?utm_medium=email&utm_source=footer>.
-- Automation expert - Ansible and friends Linux administrator & Debian maintainer Perl Dancer & conference hopper -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2ce21b25-df75-0483-ac58-1a21affd03bc%40linuxia.de.
OpenPGP_signature
Description: OpenPGP digital signature
