[ansible-project] Ansible reports “permission denied” when issuing command on remote host

Thu, 02 Jun 2016 10:12:55 -0700 


Ansible 2.1
Ansible host: Ubuntu 16.04
Remote host: CentOS 6.5


I have a simple ansible project:

├── hosts
├── roles
│   └── setup
│       ├── defaults
│       │   └── main.yml
│       ├── tasks
│       │   └── main.yml
│       └── templates
│           └── automation-agent.config.j2
└── site.yml


Command I used to run playbook:

ansible-playbook -i hosts site.yml --user admin --ask-pass


On the remote host, I have set up user admin with root priviledge:

root    ALL=(ALL)       ALL
admin   ALL=(ALL)       ALL


However, one of the playbook tasks ran into issue:

- name: Back up Automation Agent config file if exists
  command: mv /etc/mongodb-mms/automation-agent.config 
/etc/mongodb-mms/automation-agent.config.bak

Ansible reports:

TASK [setup : Back up Automation Agent config file if exists] ******************
fatal: [192.168.241.135]: FAILED! => {"changed": true, "cmd": ["mv", 
"/etc/mongodb-mms/automation-agent.config", 
"/etc/mongodb-mms/automation-agent.config.bak"], "delta": "0:00:00.002588", 
"end": "2016-06-01 22:57:55.577158", "failed": true, "rc": 1, "start": 
"2016-06-01 22:57:55.574570", "stderr": "mv: cannot move 
`/etc/mongodb-mms/automation-agent.config' to 
`/etc/mongodb-mms/automation-agent.config.bak': Permission denied", "stdout": 
"", "stdout_lines": [], "warnings": []}


Noted that permission setting on /etc/mongodb-mms/automation-agent.config
 is 0600

-rw-------. 1 mongod mongod 313 Jun 1 04:48 automation-agent.config


Apparently one would need sudo priviledge to make changes to this file. I 
have tried Ansible's --become and --become-user, but not having success.

ansible-playbook -i hosts site.yml --user admin --ask-pass --become 
--become-user admin



What should I do in Ansible to gain sudo and make changes to that file?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b763d95e-fb42-4ea9-b773-1ae6addc5b87%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to