Hey Colin,

Have you had any luck with this? I'm running into some very similar issues.

Thanks!

On Thursday, 10 March 2016 03:03:48 UTC-5, Colin Anderson wrote:
>
> Hi,
>
> The central IT function at my company allows developers root access to a
> server for a short period of time to allow us to install any required
> middleware and application software when we are commissioning a server.
> I've been looking at using Ansible to automate this process to prevent user
> errors and make the process more efficient. The problem that I've run into
> is that they only allow root access using the following sudo call:
>
> sudo rootsh -i -u root
>
> This uses a logging shell wrapper, rootsh (man page
> <http://linux.die.net/man/1/rootsh>), to log all terminal input and
> output for audit purposes. We can't change this and it means we can't use
> any of the standard become_methods that Ansible uses.
>
> Is there any way of adding a become_method to Ansible that would call the
> above command instead of just sudo? Alternatively, is there any way of
> getting Ansible to run rootsh when it requests elevated privileges?
>
> I did try the following in the vain hope that it might work, but as I
> feared, it failed:
>
> site.yml:
> ---
> - hosts: vagrant-servers
>   become: yes
>   become_user: root
>   become_method: sudo rootsh -i -u root
>
>   roles:
>     - ansible-oracle-java-master
>
>
> Play output:
> vagrant@ansible-master:~$ ansible-playbook -i hosts site.yml
>
> PLAY ***************************************************************************
>
> TASK [setup] *******************************************************************
> fatal: [10.10.1.4]: FAILED! => {"failed": true, "msg": "ERROR! Privilege escalation method not found: sudo rootsh -i -u root"}
> fatal: [10.10.1.5]: FAILED! => {"failed": true, "msg": "ERROR! Privilege escalation method not found: sudo rootsh -i -u root"}
> fatal: [10.10.1.6]: FAILED! => {"failed": true, "msg": "ERROR! Privilege escalation method not found: sudo rootsh -i -u root"}
> fatal: [10.10.1.3]: FAILED! => {"failed": true, "msg": "ERROR! Privilege escalation method not found: sudo rootsh -i -u root"}
>
> NO MORE HOSTS LEFT *************************************************************
>
> PLAY RECAP *********************************************************************
> 10.10.1.3 : ok=0 changed=0 unreachable=0 failed=1
> 10.10.1.4 : ok=0 changed=0 unreachable=0 failed=1
> 10.10.1.5 : ok=0 changed=0 unreachable=0 failed=1
> 10.10.1.6 : ok=0 changed=0 unreachable=0 failed=1
>
> vagrant@ansible-master:~$
>
> Thanks,
> Colin.
>
