what is mean by IMHO how can i execute all commands through playbook by a normal user with root access. On Tuesday, 14 June 2022 at 14:14:33 UTC+5:30 [email protected] wrote:
> On 14/06/2022 10:21, 'Shivakumar Venkataswamy' via Ansible Project wrote: > > ansible is user account we created and member of sudor's ( > /etc/sudoers) with full privileges' same as root. > > > IMHO the privileges are only the same when using the "sudo" command. > > Regards > > Racke > > > > > > On Tuesday, 14 June 2022 at 13:16:48 UTC+5:30 [email protected] wrote: > > > > On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project wrote: > > > Hi team, > > > look at my playbook > > > --- > > > - hosts: all > > > become: true > > > become_user: ansible > > > tasks: > > > - name: add a user to the list of AllowUsers if not present > > > vars: > > > usernames: > > > - shivakumar.venkataswamy > > > - karthik.reddy > > > - aman.saxena > > > lineinfile: > > > path: /etc/ssh/sshd_config > > > backrefs: yes > > > backup: yes > > > state: absent > > > regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(?<!\s{{ usernames > }}))+\s*?)(\n?)$' > > > line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy > aman.saxena\2' > > > validate: /usr/sbin/sshd -t -f %s > > > > > Permission denied: '/etc/ssh/sshd_config' > > > > The ansible user can't edit the file, so try "become_user: root" in your > task. > > > > Regards > > Racke > > > > > I'm facing below error, > > > SSH password: > > > 1 > > > BECOME password[defaults to SSH password]: > > > 2 > > > 3 > > > PLAY [all] > *********************************************************************12:45:29 > > > 4 > > > 5 > > > TASK [Gathering Facts] > *********************************************************12:45:29 > > > 6 > > > ok: [172.16.13.254] > > > 7 > > > 8 > > > TASK [add a user to the list of AllowUsers if not present] > *********************12:45:31 > > > 9 > > > An exception occurred during task execution. To see the full > traceback, use -vvv. The error was: IOError: [Errno 13] Permission denied: > '/etc/ssh/sshd_config' > > > 10 > > > fatal: [172.16.13.254]: FAILED! => {"changed": false, "module_stderr": > "Shared connection to 172.16.13.254 closed.\r\n", "module_stdout": > "Traceback (most recent call last):\r\n File > \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", > > line 102, in <module>\r\n _ansiballz_main()\r\n File > \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", > > line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, > ANSIBALLZ_PARAMS)\r\n File > \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", > > line 40, in invoke_module\r\n > runpy.run_module(mod_name='ansible.modules.files.lineinfile', > init_globals=None, run_name='__main__', alter_sys=True)\r\n File > \"/usr/lib64/python2.7… > > > 11 > > > 12 > > > PLAY RECAP > *********************************************************************12:45:32 > > > 13 > > > 172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 > rescued=0 ignored=0 > > > -- > > > You received this message because you are subscribed to the Google > Groups "Ansible Project" group. > > > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected]. > > > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com > > < > https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email&utm_source=footer > > < > https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email&utm_source=footer > >>. > > > > > > -- > > Automation expert - Ansible and friends > > Linux administrator & Debian maintainer > > Perl Dancer & conference hopper > > > > -- > > You received this message because you are subscribed to the Google > Groups "Ansible Project" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected]. > > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com > > < > https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com?utm_medium=email&utm_source=footer > >. > > > -- > Automation expert - Ansible and friends > Linux administrator & Debian maintainer > Perl Dancer & conference hopper > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/e23fbbb0-68a3-4554-8b06-8c24787d0392n%40googlegroups.com.
