Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Missing sudo password in Ansible

Tags:

ansible

Ansible asks for sudo password from following code, it tries to create a new postgres user.

Error message:

fatal: [xxx.xxx.xxx.xxx] => Missing sudo password

main.yml

- name: 'Provision a PostgreSQL server'
  hosts: "dbservers"
  sudo: yes
  sudo_user: postgres
  roles:
    - postgres

create_db.yml

- name: Make sure the PostgreSQL users are present
  postgresql_user: name=rails password=secret role_attr_flags=CREATEDB,NOSUPERUSER
  sudo_user: postgres
  sudo: yes

The remote_user that used to login to this machine is a non-root user, it has no password, and can only login using key auth.

For user postgres, this account doesn't have the password as well, because the database was just installed.

Since I logged in as non-root user, of course it will ask for password when switch to postgress account in order to create database user. But it won't be need for password if switch to postgres from root account. So, I wonder if there is a way to switch to root, and then switch to user postgres.

Note: the root account has no public key, no password, and cannot login from SSH.

like image 270
user469652 Avatar asked Aug 30 '14 13:08

user469652

People also ask

How do I enter sudo password in ansible?

Providing the sudo Password If the remote user needs to provide a password in order to run sudo commands, you can include the option --ask-become-pass to your Ansible command. This will prompt you to provide the remote user sudo password: ansible all -m ping --ask-become-pass.

How do I bypass sudo password in ansible Tower?

You can pass variable on the command line via --extra-vars "name=value". You need to use the Sudo password variable named ansible_sudo_pass as shown below.

How do I add sudo to ansible?

To create a user with sudo privileges is to put the user into /etc/sudoers , or make the user a member of a group specified in /etc/sudoers . And to make it password-less is to additionally specify NOPASSWD in /etc/sudoers . And instead of fiddling with /etc/sudoers file, we can create a new file in /etc/sudoers.

What is way to mention sudo privilege in ansible?

To specify a password for sudo, run ansible-playbook with --ask-become-pass ( -K for short). If you run a playbook utilizing become and the playbook seems to hang, most likely it is stuck at the privilege escalation prompt. Stop it with CTRL-c , then execute the playbook with -K and the appropriate password.

2 Answers

Try with the option -kK. It will prompt for password.

$ ansible-playbook mail.yml -kK 
SSH password: 
BECOME password[defaults to SSH password]:
  • -k, --ask-pass: ask for connection password
  • -K, --ask-become-pass: ask for privilege escalation password
like image 122
nesinor Avatar answered Oct 24 '22 21:10

nesinor

You can specificy the sudo password when running the Ansible playbook:

ansible-playbook playbook.yml -i inventory.ini --extra-vars "ansible_sudo_pass=yourPassword"
like image 30
Asier Gomez Avatar answered Oct 24 '22 19:10

Asier Gomez
Sign in to Comment

Related questions

shell-init: error retrieving current directory: getcwd -- The usual fixes do not wor
Ansible: copy a directory content to another directory
Ansible Handler notify vs register
Ansible: deploy on multiple hosts in the same time
Ansible: how to construct a variable from another variable and then fetch it's value
Ansible date variable
Difference between become and become_user in Ansible
Ansible SSH private key in source control?
user vs sudo vs sudo_user in ansible playbooks
How to define private SSH keys for servers in dynamic inventories
Conditionally define variable in Ansible
How to execute a shell script on a remote server using Ansible?
Ansible Ignore errors in tasks and fail at end of the playbook if any tasks had errors
Create and use group without restart
Ansible : create a relative symlink
Accessing inventory host variable in Ansible playbook
Why does Ansible show "ERROR! no action detected in task" error?
Skip Ansible task when running in check mode?
Using set_facts and with_items together in Ansible
How do I exit Ansible play without error on a condition

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!