Dear all, I'm new to ansible and system admin on linux, I have a problem that I don't understand what happen behind the scene.
Here is my scenario: - I create a kvm (machine B) on my host machine, this is also an ansible control machine (machine A) - Then copy the ssh key of the user (user X with sudoer) I will run ansible playbook from A to B - I can run playbook with become privilege, in my playbook I install NIS and setup B to join my network domain (bind with a dns server) - Then now the problem happen, I can't run playbook from A to B anymore with userX Below are the problems: + When I put become: true (use default become_user, should be root) for all tasks then playbook can't gather facts from B, I got Permission denied when gathering facts /usr/bin/python: can't open file '/home/[*userX*]/.ansible/tmp/ansible-tmp-1523038454.61-125714211155466/setup.py': [Errno 13] Permission denied + When I move become: true to individual task, then I have same Permission denied /usr/bin/python: can't open file '/home/[*userX*]/.ansible/tmp/ansible-tmp-1523040035.49-151403862005878/apt.py': [Errno 13] Permission denied + When I try to elevate to exact user X with become_user: userX, seems this user doesn't have proper permission "changed": false, "msg": "Failed to lock apt for exclusive operation" Seems I have some problems: - root user didn't setup properly on B so it can't access to /home/[*userX*] directory (I read some instruction said that use 'HOME=/root ansible-playbook my_pb.yml ...' but still failed: OSError: [Errno 13] Permission denied: '~/.ansible/tmp') - not sure what happen with userX but it can't execute sudo via ansible on B (although I tried to ssh with userX on B and do some sudo tasks such as apt-get install) Please help to tell if I have miss any configurations (I think during the kvm creation, I miss some steps here) Thanks, Quang -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f9f6a41e-0fb0-483a-9a6c-46b1ba3dd426%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
