Hello, I am trying to provision a host using ansible (remote). The host is a clean ubuntu 18.04 install, but I am blocked running a simple ansible cookbook that requires root privileges.
I can run simple shell commands such as: echo '{{user `ssh_password`}}' | sudo -S shutdown -P now But I need a way to feed the sudo password into ansible, otherwise it fails: ubuntu-18.04: fatal: [default]: FAILED! => {"cache_update_time": 1574096255, "cache_updated": false, "changed": false, "msg": "'/usr/bin/apt-get -y -o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\" install 'mariadb-server'' failed: E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)\nE: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?\n", "rc": 100, "stderr": "E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)\nE: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?\n", "stderr_lines": ["E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)", "E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?"], "stdout": "", "stdout_lines" : []} I have tried to tell ansible to use become: ubuntu-18.04: fatal: [default]: FAILED! => {"msg": "Missing sudo password"} I have tried to pass the password as input: "provisioners": [ "type": "ansible", "command": "bash -c \"echo '{{user `ssh_password`}}' | ansible-playbook $@\"", "extra_arguments": [ "--ask-become-pass" ], however, this fails as it seems we cannot pass a commands with arguments: * Error running "bash -c "echo '<sensitive>' | ansible-playbook $@" --version": exec: "bash -c \"echo '<sensitive>' | ansible-playbook $@\"": executable file not found in $PATH I have tried to use the user root directly: "provisioners": [ "type": "ansible", "user": "root", however this fails because I imagine ubuntu does not allow root to SSH directly: ubuntu-18.04: fatal: [default]: UNREACHABLE! => {"changed": false, "msg" : "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo /root/.ansible/tmp/ansible-tmp-1574094286.5371425-44623893214428 `\" && echo ansible-tmp-1574094286.5371425-44623893214428=\"` echo /root/.ansible/tmp/ansible-tmp-1574094286.5371425-44623893214428 `\" ), exited with result 1", "unreachable": true} I would like to find a solution that does not requires lowering the security of my host, such as allowing root SSH, or passwordless sudo. This seem like a pretty basic scenario, and I am surprised that I could not fine anyone explaining how to solve this issue. The only reference I found is this post: https://github.com/hashicorp/packer/issues/4263#issuecomment-280103496 but it got shutdown and the poster did not created a ticket. Any ideas or help would be very welcome. Thanks Val -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/ccb64399-61d2-4826-877e-584bd2bf1262%40googlegroups.com.