Re: [ansible-project] looks like sudo error, may be
I can become root but not oracle On Wed, 31 Oct 2018 at 21:09, Ankit Vashistha wrote: > I suspect it has something related to the permission mentioned in the > output. > > On Thu, Nov 1, 2018, 7:36 AM 'Kallu Srikanth' via Ansible Project < > ansible-project@googlegroups.com> wrote: > >> Playbook: >> >> --- >> - hosts: patch_group >> user: dpiesa >> become: yes >> become_user: root >> become_method: sudo >> roles: >> - acx_oracle_stopdb >> >> Role : >> >> --- # Stop oracle db >> >> name: stopping Oracle database >> debug: >> msg: "Stopping database on host {{ ansible_fqdn }}" >> Test user oracle >> #- block: >> >> name: Test Perms >> command: mv /home/oracle/test /home/oracle/test_ok >> become: yes >> become_user: oracle >> Error >> >> TASK [acx_oracle_stopdb : Test Perms] >> *** >> fatal: [dscadev0454.mpsdev.net]: FAILED! => {"msg": "Timeout (12s) >> waiting for privilege escalation prompt: >> +-+\r\n| >> Shared Account Shell Monitor |\r\n| |\r\n| This shell session is being >> monitored, and appropriate |\r\n| personnel have been notified of this >> invocation. You are |\r\n| responsible for all activity logged under this >> session. |\r\n| Do NOT leave this terminal unattended. You are encouraged >> |\r\n| to use adhoc sudo commands instead of a shell for casual |\r\n| use. >> Excessive "trivial" use of the shell will be addressed. |\r\n| >> |\r\n+-+\r\n"} >> >> >> Can any body help please >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ansible-project+unsubscr...@googlegroups.com. >> To post to this group, send email to ansible-project@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/0032a133-108b-4296-b332-653953ba6efd%40googlegroups.com >> <https://groups.google.com/d/msgid/ansible-project/0032a133-108b-4296-b332-653953ba6efd%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ansible-project+unsubscr...@googlegroups.com. > To post to this group, send email to ansible-project@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CACecUhu%2B5P%3D%2BnUgNabVi%2BJjfBgYK9F9vi6vcbK52aXwpn%2Bp1Qg%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CACecUhu%2B5P%3D%2BnUgNabVi%2BJjfBgYK9F9vi6vcbK52aXwpn%2Bp1Qg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CA%2BV0uEwsk%3DQ65oJ1Vy5A4MTdYxo7ZHrkzuYKTz9qhibwyYMFkQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] looks like sudo error, may be
Playbook: --- - hosts: patch_group user: dpiesa become: yes become_user: root become_method: sudo roles: - acx_oracle_stopdb Role : --- # Stop oracle db name: stopping Oracle database debug: msg: "Stopping database on host {{ ansible_fqdn }}" Test user oracle #- block: name: Test Perms command: mv /home/oracle/test /home/oracle/test_ok become: yes become_user: oracle Error TASK [acx_oracle_stopdb : Test Perms] *** fatal: [dscadev0454.mpsdev.net]: FAILED! => {"msg": "Timeout (12s) waiting for privilege escalation prompt: +-+\r\n| Shared Account Shell Monitor |\r\n| |\r\n| This shell session is being monitored, and appropriate |\r\n| personnel have been notified of this invocation. You are |\r\n| responsible for all activity logged under this session. |\r\n| Do NOT leave this terminal unattended. You are encouraged |\r\n| to use adhoc sudo commands instead of a shell for casual |\r\n| use. Excessive "trivial" use of the shell will be addressed. |\r\n| |\r\n+-+\r\n"} Can any body help please -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/0032a133-108b-4296-b332-653953ba6efd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Need help to find how to run root command with non-root user and escalated privilages
Brian, Actually it worked instead of removing -n i added "default: '-H -S" at the end of the file Thank you very much, I really appreciate it On Monday, May 21, 2018 at 10:35:10 PM UTC-5, Brian Coca wrote: > > You seem to have a non standard/old sudo, change the default > become_flags as they seem to be causing the problem, specifically, > remove -n (default: '-H -S -n' > ) > > -- > -- > Brian Coca > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/43f9f0d6-09a3-4fbe-aac4-cfc3a3dc200f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Need help to find how to run root command with non-root user and escalated privilages
Hi Abhay i still have the error Code : - --- - hosts: dpie_prod user: dpiesa become: true become_method: enable tasks: - name: install telnet yum: pkg=telnet state=present update_cache=true ERROR: fatal: [lind01]: FAILED! => {"changed": false, "module_stderr": "Shared connection to lind01.\r\n", "module_stdout": "sudo: illegal option `-n'\r\nusage: sudo -h | -K | -k | -L | -l | -V | -v\r\nusage: sudo [-bEHPS] [-p prompt] [-u username|#uid] [VAR=value]\r\n{-i | -s | }\r\nusage: sudo -e [-S] [-p prompt] [-u username|#uid] file ...\r\n", "msg": "MODULE FAILURE", "rc": 1} But I can run this successfully manually on a server like this without password #dpiesa@lind01:/home/dpiesa> sudo yum install telnet Also can become root like this dpiesa@lind01:/home/dpiesa> become root@lind01:/root> On Monday, May 21, 2018 at 10:59:42 PM UTC-5, abhay srivastava wrote: > > Try: > > - hosts: dpie_prod > user: dpiesa > become: True > tasks: > - name: install telnet > yum: pkg=telnet state=installed update_cache=true > #command: sudo yum install telnet -y > > > > > On Sat, May 19, 2018 at 12:56 AM, 'Kallu Srikanth' via Ansible Project < > ansible...@googlegroups.com > wrote: > >> Hi, >> >> I highly appreciate if anybody can help, please >> >> ### playbook ## >> >> - hosts: dpie_prod >> user: dpiesa >> tasks: >> - name: install telnet >> yum: pkg=telnet state=installed update_cache=true >> #command: sudo yum install telnet -y >> become: yes >> become_user: root >> become_method: sudo >> >> The above does not work and throws this error >> >> TASK [install telnet] >> >> [WARNING]: Module invocation had junk after the JSON data: usage: sudo >> -e [-S] [-p prompt] [-u username|#uid] file ... >> >> fatal: [lind01.corp.acxiom.net]: FAILED! => {"changed": false, >> "module_stderr": "Shared connection to lind01.corp.acxiom.net >> closed.\r\n", "module_stdout": "sudo: illegal option `-n'\r\nusage: sudo -h >> | -K | -k | -L | -l | -V | -v\r\nusage: sudo [-bEHPS] [-p prompt] [-u >> username|#uid] [VAR=value]\r\n{-i | -s | }\r\nusage: >> sudo -e [-S] [-p prompt] [-u username|#uid] file ...\r\n", "msg": "MODULE >> FAILURE", "rc": 1} >> to retry, use: --limit >> @/home/dpiesa/playbooks/install_telnet.retry >> >> >> ## >> >> But below works >> >> - hosts: dpie_prod >> user: dpiesa >> tasks: >> - name: install telnet >> command: sudo yum install telnet -y >> >> >> >> >> [dpiesa@cwypatch06 playbooks]$ ansible --version >> ansible 2.5.2 >> config file = /etc/ansible/ansible.cfg >> configured module search path = >> [u'/home/dpiesa/.ansible/plugins/modules', >> u'/usr/share/ansible/plugins/modules'] >> ansible python module location = >> /usr/lib/python2.7/site-packages/ansible >> executable location = /bin/ansible >> python version = 2.7.5 (default, Aug 4 2017, 00:39:18) [GCC 4.8.5 >> 20150623 (Red Hat 4.8.5-16)] >> >> >> I think I am not using become options correctly can somebody help ?? >> >> Thank you. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Ansible Project" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to ansible-proje...@googlegroups.com . >> To post to this group, send email to ansible...@googlegroups.com >> . >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/ansible-project/2de5f3d4-b9b8-45be-b0c2-8941e4c55c52%40googlegroups.com >> >> <https://groups.google.com/d/msgid/ansible-project/2de5f3d4-b9b8-45be-b0c2-8941e4c55c52%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > Regards, > Abhay Srivastava > --- > Mob-9160512000 > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/573867fd-3869-4395-a0d1-7c20fb415e7c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Need help to find how to run root command with non-root user and escalated privilages
Not sure how can I specifically remove this -n Below is my code/error/other info if you can help, please Code : - --- - hosts: dpie_prod user: dpiesa become: yes become_method: enable tasks: - name: install telnet yum: pkg=telnet state=present update_cache=true ERROR: fatal: [lind01]: FAILED! => {"changed": false, "msg": "You need to be root to perform this command.\n", "rc": 1, "results": ["Loaded plugins: fastestmirror, package_upload, product-id, search-disabled-\n : repos, security, subscription-manager\n"]} But I can run this successfully manually on a server like this without password #dpiesa@lind01:/home/dpiesa> sudo yum install telnet Also can become root like this dpiesa@lind01:/home/dpiesa> become root@lind01:/root> On Monday, May 21, 2018 at 10:35:10 PM UTC-5, Brian Coca wrote: > > You seem to have a non standard/old sudo, change the default > become_flags as they seem to be causing the problem, specifically, > remove -n (default: '-H -S -n' > ) > > -- > -- > Brian Coca > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f6dd1c80-7dfb-4090-a3f6-2cfda49f56c5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Need help to find how to run root command with non-root user and escalated privilages
Hi, I highly appreciate if anybody can help, please ### playbook ## - hosts: dpie_prod user: dpiesa tasks: - name: install telnet yum: pkg=telnet state=installed update_cache=true #command: sudo yum install telnet -y become: yes become_user: root become_method: sudo The above does not work and throws this error TASK [install telnet] [WARNING]: Module invocation had junk after the JSON data: usage: sudo -e [-S] [-p prompt] [-u username|#uid] file ... fatal: [lind01.corp.acxiom.net]: FAILED! => {"changed": false, "module_stderr": "Shared connection to lind01.corp.acxiom.net closed.\r\n", "module_stdout": "sudo: illegal option `-n'\r\nusage: sudo -h | -K | -k | -L | -l | -V | -v\r\nusage: sudo [-bEHPS] [-p prompt] [-u username|#uid] [VAR=value]\r\n{-i | -s | }\r\nusage: sudo -e [-S] [-p prompt] [-u username|#uid] file ...\r\n", "msg": "MODULE FAILURE", "rc": 1} to retry, use: --limit @/home/dpiesa/playbooks/install_telnet.retry ## But below works - hosts: dpie_prod user: dpiesa tasks: - name: install telnet command: sudo yum install telnet -y [dpiesa@cwypatch06 playbooks]$ ansible --version ansible 2.5.2 config file = /etc/ansible/ansible.cfg configured module search path = [u'/home/dpiesa/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /bin/ansible python version = 2.7.5 (default, Aug 4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] I think I am not using become options correctly can somebody help ?? Thank you. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2de5f3d4-b9b8-45be-b0c2-8941e4c55c52%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.