Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Ansible: Consider using 'become', 'become_method', and 'become_user' rather than running sudo

Tags:

ansible

ansible-ad-hoc

When I run this:

ansible host -u myuser -a "sudo su - otheruser -s /bin/bash"

I get warning:

[WARNING]: Consider using 'become', 'become_method', and 'become_user' rather
than running sudo

host | SUCCESS | rc=0 >>

But what would be equivalent using become for sudo su - otheruser -s /bin/bash?

I tried:

ansible host -u myuser --become --become-user otheruser -a "/bin/echo hello"

But I get:

host | FAILED! => {
    "changed": false,
    "module_stderr": "Shared connection to host closed.\r\n",
    "module_stdout": "sudo: a password is required\r\n",
    "msg": "MODULE FAILURE",
    "rc": 1
}

P.S. Ansible version: 2.6.4

like image 570
Andrius Avatar asked Sep 22 '18 12:09

Andrius

People also ask

What is become and become_user in Ansible?

become_user. set to user with desired privileges — the user you 'become', NOT the user you login as. Does NOT imply become: yes , to allow it to be set at host level. become_method (at play or task level) overrides the default method set in ansible.cfg, set to sudo / su / pbrun / pfexec / doas / dzdo / ksu become_flags.

What is way to mention sudo privileges in Ansible?

To specify a password for sudo, run ansible-playbook with --ask-become-pass ( -K for short). If you run a playbook utilizing become and the playbook seems to hang, most likely it is stuck at the privilege escalation prompt. Stop it with CTRL-c , then execute the playbook with -K and the appropriate password.

How do I use the sudo command in Ansible?

Ansible Sudo or become is a method to run a particular task in a playbook with Special Privileges like root user or some other user. become and become_user both have to be used in a playbook in certain cases where you want your remote user to be non-root.it is more like doing sudo -u someuser before running a task.

What is Become_method in Ansible?

become_method (at play or task level) overrides the default method set in ansible.cfg, set to sudo / su / pbrun / pfexec / doas / dzdo / ksu / runas become_flags. (at play or task level) permit the use of specific flags for the tasks or role.

1 Answers

I had to specify --become_method su. Or more specifically ansible host -u myuser --become-method su --become-user otheruser -a "/bin/echo hello"

P.S. I'm passing -a "/bin/echo hello", because ansible expect to run some command after changing user.

like image 182
Andrius Avatar answered Sep 21 '22 07:09

Andrius
Sign in to Comment

Related questions

Failed to connect to host via SSH on Vagrant with Ansible Playbook
Find ansible ssh user
Suppress Ansible Ad Hoc Warning
Dealing with a password with special characters in Ansible
Use ansible templating but rysnc to move files
AWX all jobs stop processing and hang indefinitely -- why
Ansible tasks cannot have sudo_user on a certain Vagrant box (bento)
Need help to understand workflow sequence for Ansible variable execution
Ansible with_dict template use
Check if variable is in a list within a dictionary in Ansible
How to differentiate between staging/production with a dynamic inventory?
pinging ec2 instance from ansible
Ansible Synchronize With Wildcard
How can I get a list of child groups in Ansible?
How to create conditional copy in Ansible based on network (subnet) membership
Writing a string to file using Ad-Hoc Commands in Ansible
Using register variable to store values for multi host play
Decryption failed (no vault secrets would found that could decrypt)
Ansible fails to connect with SSH (banner exchange)
Ansible fails to find boto3 and botocore although installed

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!