Hi all, I have a target server where I have a user, *user1*, who can become another privileged user, *admin1*, without password.and admin1 can run any command with sudo, like "sudo ls /root" --> works.
So from remote server I can do this: *[user1@server1~]$ sudo su - admin1 *--> successful *[admin1@server1~]$ sudo ls -l /root/* --> successful Now, if I try this from ansible, it doesn't work, note that I do not need password to become admin1 from user1 user. Tried this, failed, while connecting to server1 as user1: *$ ansible -i hosts server1 -m shell -a "ls /root/" --become-user admin1 --become-method sudo -b* I receive error like: <192.168.10.10> ssh_retry: attempt: 5, caught exception(Missing sudo password) from cmd (['ssh', '-vvv', '-C', '-o', 'ControlMaster=auto', '-o', 'ControlPersist=60s', '-o', 'StrictHostKeyChecking=no', '-o', 'Port=22', '-o', 'IdentityFile="/home/user1/ansible-env/user1"', '-o', 'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o', 'User="user1"', '-o', 'ConnectTimeout=10', '-o', 'ControlPath=/home/user1/.ansible/cp/e81f1307f9', '-tt', '192.168.10.10', '/bin/sh -c \'sudo -H -S -n -u mygpadmin /bin/sh -c \'"\'"\'echo BECOME-SUCCESS-prgmplogeczegkatiwtdoyhjtxaphgrv ; /usr/bin/python /var/tmp/ansible-tmp-1589381399.57-2262637800948/AnsiballZ_command.py\'"\'"\' && sleep 0\'']...), pausing for 15 seconds <192.168.10.10> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o Port=22 -o 'IdentityFile="/home/user1/ansible-env/user1"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="user1"' -o ConnectTimeout=10 -o ControlPath=/home/user1/.ansible/cp/e81f1307f9 -tt 192.168.10.10 '/bin/sh -c '"'"'sudo -H -S -n -u mygpadmin /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-prgmplogeczegkatiwtdoyhjtxaphgrv ; /usr/bin/python /var/tmp/ansible-tmp-1589381399.57-2262637800948/AnsiballZ_command.py'"'"'"'"'"'"'"'"' && sleep 0'"'"'' Escalation requires password How can I resolve this issue if I want to become another and run command with sudo using ansible/ansible-playbook but without using password. As user1, I can run all commands user1 is allowed to. Thanks. - Zayed. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/18c1ee0d-2f8a-40fe-bf56-356a8bb4f210%40googlegroups.com.
