On 14/06/2022 10:21, 'Shivakumar Venkataswamy' via Ansible Project wrote:
ansible is user account we created and member of sudor's ( /etc/sudoers) with full privileges' same as root.
IMHO the privileges are only the same when using the "sudo" command. Regards Racke
On Tuesday, 14 June 2022 at 13:16:48 UTC+5:30 ra...@linuxia.de wrote: On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project wrote: > Hi team, > look at my playbook > --- > - hosts: all > become: true > become_user: ansible > tasks: > - name: add a user to the list of AllowUsers if not present > vars: > usernames: > - shivakumar.venkataswamy > - karthik.reddy > - aman.saxena > lineinfile: > path: /etc/ssh/sshd_config > backrefs: yes > backup: yes > state: absent > regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(?<!\s{{ usernames }}))+\s*?)(\n?)$' > line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy aman.saxena\2' > validate: /usr/sbin/sshd -t -f %s > Permission denied: '/etc/ssh/sshd_config' The ansible user can't edit the file, so try "become_user: root" in your task. Regards Racke > I'm facing below error, > SSH password: > 1 > BECOME password[defaults to SSH password]: > 2 > 3 > PLAY [all] *********************************************************************12:45:29 > 4 > 5 > TASK [Gathering Facts] *********************************************************12:45:29 > 6 > ok: [172.16.13.254] > 7 > 8 > TASK [add a user to the list of AllowUsers if not present] *********************12:45:31 > 9 > An exception occurred during task execution. To see the full traceback, use -vvv. The error was: IOError: [Errno 13] Permission denied: '/etc/ssh/sshd_config' > 10 > fatal: [172.16.13.254]: FAILED! => {"changed": false, "module_stderr": "Shared connection to 172.16.13.254 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 102, in <module>\r\n _ansiballz_main()\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 40, in invoke_module\r\n runpy.run_module(mod_name='ansible.modules.files.lineinfile', init_globals=None, run_name='__main__', alter_sys=True)\r\n File \"/usr/lib64/python2.7… > 11 > 12 > PLAY RECAP *********************************************************************12:45:32 > 13 > 172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0 > -- > You received this message because you are subscribed to the Google Groups "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com <https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email&utm_source=footer <https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email&utm_source=footer>>.-- Automation expert - Ansible and friendsLinux administrator & Debian maintainer Perl Dancer & conference hopper -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com <https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com?utm_medium=email&utm_source=footer>.
-- Automation expert - Ansible and friends Linux administrator & Debian maintainer Perl Dancer & conference hopper -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2ce21b25-df75-0483-ac58-1a21affd03bc%40linuxia.de.
OpenPGP_signature
Description: OpenPGP digital signature
