Re: [ansible-project] sudo privilege's are not working
Hi,
Does the user "ansible" have write permissions on /etc/ssh/sshd_config?
Regards
David
When in trouble, or in doubt
Run in circles, scream and shout
On 14 June 2022, 4:46 pm, at 4:46 pm, 'Shivakumar Venkataswamy' via Ansible
Project wrote:
>Hi team,
> look at my playbook
>---
>- hosts: all
> become: true
> become_user: ansible
> tasks:
> - name: add a user to the list of AllowUsers if not present
> vars:
> usernames:
> - shivakumar.venkataswamy
> - karthik.reddy
> - aman.saxena
> lineinfile:
> path: /etc/ssh/sshd_config
> backrefs: yes
> backup: yes
> state: absent
> regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(?}}))+\s*?)(\n?)$'
> line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy
>aman.saxena\2'
> validate: /usr/sbin/sshd -t -f %s
>
>I'm facing below error,
>SSH password:
>1
>BECOME password[defaults to SSH password]:
>2
>3
>PLAY [all]
>*12:45:29
>4
>5
>TASK [Gathering Facts]
>*12:45:29
>6
>ok: [172.16.13.254]
>7
>8
>TASK [add a user to the list of AllowUsers if not present]
>*12:45:31
>9
>An exception occurred during task execution. To see the full traceback,
>use
>-vvv. The error was: IOError: [Errno 13] Permission denied:
>'/etc/ssh/sshd_config'
>10
>fatal: [172.16.13.254]: FAILED! => {"changed": false, "module_stderr":
>"Shared connection to 172.16.13.254 closed.\r\n", "module_stdout":
>"Traceback (most recent call last):\r\n File
>\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>
>line 102, in \r\n _ansiballz_main()\r\n File
>\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>
>line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path,
>ANSIBALLZ_PARAMS)\r\n File
>\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>
>line 40, in invoke_module\r\n
>runpy.run_module(mod_name='ansible.modules.files.lineinfile',
>init_globals=None, run_name='__main__', alter_sys=True)\r\n File
>\"/usr/lib64/python2.7…
>11
>12
>PLAY RECAP
>*12:45:32
>13
>172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0
>rescued=0
>ignored=0
>
>--
>You received this message because you are subscribed to the Google
>Groups "Ansible Project" group.
>To unsubscribe from this group and stop receiving emails from it, send
>an email to ansible-project+unsubscr...@googlegroups.com.
>To view this discussion on the web visit
>https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/b3369bde-eaa8-49ec-afeb-c8b8e208663b%40gmail.com.
Re: [ansible-project] sudo privilege's are not working
The user 'ansible' runs the playbook,. The user 'ansible' has sudo
privilege as 'root '
In the playbook, the 'become user ' is 'root'
Read the docs pertaining to sudo.
Ansible doesn't use it directly.
On Tue, Jun 14, 2022, 06:20 'Shivakumar Venkataswamy' via Ansible Project <
ansible-project@googlegroups.com> wrote:
> what is mean by IMHO
>
> how can i execute all commands through playbook by a normal user with root
> access.
> On Tuesday, 14 June 2022 at 14:14:33 UTC+5:30 ra...@linuxia.de wrote:
>
>> On 14/06/2022 10:21, 'Shivakumar Venkataswamy' via Ansible Project wrote:
>> > ansible is user account we created and member of sudor's (
>> /etc/sudoers) with full privileges' same as root.
>> >
>> IMHO the privileges are only the same when using the "sudo" command.
>>
>> Regards
>>
>> Racke
>>
>>
>> >
>> > On Tuesday, 14 June 2022 at 13:16:48 UTC+5:30 ra...@linuxia.de wrote:
>> >
>> > On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project
>> wrote:
>> > > Hi team,
>> > > look at my playbook
>> > > ---
>> > > - hosts: all
>> > >become: true
>> > >become_user: ansible
>> > >tasks:
>> > >- name: add a user to the list of AllowUsers if not present
>> > > vars:
>> > >usernames:
>> > > - shivakumar.venkataswamy
>> > > - karthik.reddy
>> > > - aman.saxena
>> > > lineinfile:
>> > >path: /etc/ssh/sshd_config
>> > >backrefs: yes
>> > >backup: yes
>> > >state: absent
>> > >regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(?> }}))+\s*?)(\n?)$'
>> > >line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy
>> aman.saxena\2'
>> > >validate: /usr/sbin/sshd -t -f %s
>> > >
>> > Permission denied: '/etc/ssh/sshd_config'
>> >
>> > The ansible user can't edit the file, so try "become_user: root" in
>> your task.
>> >
>> > Regards
>> > Racke
>> >
>> > > I'm facing below error,
>> > > SSH password:
>> > > 1
>> > > BECOME password[defaults to SSH password]:
>> > > 2
>> > > 3
>> > > PLAY [all]
>> *12:45:29
>>
>> > > 4
>> > > 5
>> > > TASK [Gathering Facts]
>> *12:45:29
>> > > 6
>> > > ok: [172.16.13.254]
>> > > 7
>> > > 8
>> > > TASK [add a user to the list of AllowUsers if not present]
>> *12:45:31
>> > > 9
>> > > An exception occurred during task execution. To see the full
>> traceback, use -vvv. The error was: IOError: [Errno 13] Permission denied:
>> '/etc/ssh/sshd_config'
>> > > 10
>> > > fatal: [172.16.13.254]: FAILED! => {"changed": false,
>> "module_stderr": "Shared connection to 172.16.13.254 closed.\r\n",
>> "module_stdout": "Traceback (most recent call last):\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>> line 102, in \r\n _ansiballz_main()\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>> line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path,
>> ANSIBALLZ_PARAMS)\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>> line 40, in invoke_module\r\n
>> runpy.run_module(mod_name='ansible.modules.files.lineinfile',
>> init_globals=None, run_name='__main__', alter_sys=True)\r\n File
>> \"/usr/lib64/python2.7…
>> > > 11
>> > > 12
>> > > PLAY RECAP
>> *12:45:32
>>
>> > > 13
>> > > 172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0
>> rescued=0 ignored=0
>> > > --
>> > > You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> > > To unsubscribe from this group and stop receiving emails from it,
>> send an email to ansible-proje...@googlegroups.com.
>> > > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com
>> <
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email_source=footer
>> <
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email_source=footer>>.
>>
>> >
>> >
>> > --
>> > Automation expert - Ansible and friends
>> > Linux administrator & Debian maintainer
>> > Perl Dancer & conference hopper
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an email to ansible-proje...@googlegroups.com.
>> > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com
>> <
>>
Re: [ansible-project] sudo privilege's are not working
On Tue, 14 Jun 2022 at 12:20, 'Shivakumar Venkataswamy' via Ansible Project
wrote:
> what is mean by IMHO
>
> how can i execute all commands through playbook by a normal user with root
> access.
>
You don't seem to understand the concept of privilege escalation.
Hopefully this will enough to help you:
https://docs.ansible.com/ansible/latest/user_guide/become.html
On Tuesday, 14 June 2022 at 14:14:33 UTC+5:30 ra...@linuxia.de wrote:
>
>> On 14/06/2022 10:21, 'Shivakumar Venkataswamy' via Ansible Project wrote:
>> > ansible is user account we created and member of sudor's (
>> /etc/sudoers) with full privileges' same as root.
>> >
>> IMHO the privileges are only the same when using the "sudo" command.
>>
>> Regards
>>
>> Racke
>>
>>
>> >
>> > On Tuesday, 14 June 2022 at 13:16:48 UTC+5:30 ra...@linuxia.de wrote:
>> >
>> > On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project
>> wrote:
>> > > Hi team,
>> > > look at my playbook
>> > > ---
>> > > - hosts: all
>> > >become: true
>> > >become_user: ansible
>> > >tasks:
>> > >- name: add a user to the list of AllowUsers if not present
>> > > vars:
>> > >usernames:
>> > > - shivakumar.venkataswamy
>> > > - karthik.reddy
>> > > - aman.saxena
>> > > lineinfile:
>> > >path: /etc/ssh/sshd_config
>> > >backrefs: yes
>> > >backup: yes
>> > >state: absent
>> > >regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(?> }}))+\s*?)(\n?)$'
>> > >line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy
>> aman.saxena\2'
>> > >validate: /usr/sbin/sshd -t -f %s
>> > >
>> > Permission denied: '/etc/ssh/sshd_config'
>> >
>> > The ansible user can't edit the file, so try "become_user: root" in
>> your task.
>> >
>> > Regards
>> > Racke
>> >
>> > > I'm facing below error,
>> > > SSH password:
>> > > 1
>> > > BECOME password[defaults to SSH password]:
>> > > 2
>> > > 3
>> > > PLAY [all]
>> *12:45:29
>>
>> > > 4
>> > > 5
>> > > TASK [Gathering Facts]
>> *12:45:29
>> > > 6
>> > > ok: [172.16.13.254]
>> > > 7
>> > > 8
>> > > TASK [add a user to the list of AllowUsers if not present]
>> *12:45:31
>> > > 9
>> > > An exception occurred during task execution. To see the full
>> traceback, use -vvv. The error was: IOError: [Errno 13] Permission denied:
>> '/etc/ssh/sshd_config'
>> > > 10
>> > > fatal: [172.16.13.254]: FAILED! => {"changed": false,
>> "module_stderr": "Shared connection to 172.16.13.254 closed.\r\n",
>> "module_stdout": "Traceback (most recent call last):\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>> line 102, in \r\n _ansiballz_main()\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>> line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path,
>> ANSIBALLZ_PARAMS)\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>> line 40, in invoke_module\r\n
>> runpy.run_module(mod_name='ansible.modules.files.lineinfile',
>> init_globals=None, run_name='__main__', alter_sys=True)\r\n File
>> \"/usr/lib64/python2.7…
>> > > 11
>> > > 12
>> > > PLAY RECAP
>> *12:45:32
>>
>> > > 13
>> > > 172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0
>> rescued=0 ignored=0
>> > > --
>> > > You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> > > To unsubscribe from this group and stop receiving emails from it,
>> send an email to ansible-proje...@googlegroups.com.
>> > > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com
>> <
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email_source=footer
>> <
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email_source=footer>>.
>>
>> >
>> >
>> > --
>> > Automation expert - Ansible and friends
>> > Linux administrator & Debian maintainer
>> > Perl Dancer & conference hopper
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an email to ansible-proje...@googlegroups.com.
>>
> > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com
>> <
>>
Re: [ansible-project] sudo privilege's are not working
Hi team ,,
can we connect through google meet or zoom
it giving more trouble to me.. i hope you guy's easily catch up that..
Regards,
shivu
On Tuesday, 14 June 2022 at 15:50:05 UTC+5:30 Shivakumar Venkataswamy wrote:
> what is mean by IMHO
>
> how can i execute all commands through playbook by a normal user with root
> access.
> On Tuesday, 14 June 2022 at 14:14:33 UTC+5:30 ra...@linuxia.de wrote:
>
>> On 14/06/2022 10:21, 'Shivakumar Venkataswamy' via Ansible Project wrote:
>> > ansible is user account we created and member of sudor's (
>> /etc/sudoers) with full privileges' same as root.
>> >
>> IMHO the privileges are only the same when using the "sudo" command.
>>
>> Regards
>>
>> Racke
>>
>>
>> >
>> > On Tuesday, 14 June 2022 at 13:16:48 UTC+5:30 ra...@linuxia.de wrote:
>> >
>> > On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project
>> wrote:
>> > > Hi team,
>> > > look at my playbook
>> > > ---
>> > > - hosts: all
>> > >become: true
>> > >become_user: ansible
>> > >tasks:
>> > >- name: add a user to the list of AllowUsers if not present
>> > > vars:
>> > >usernames:
>> > > - shivakumar.venkataswamy
>> > > - karthik.reddy
>> > > - aman.saxena
>> > > lineinfile:
>> > >path: /etc/ssh/sshd_config
>> > >backrefs: yes
>> > >backup: yes
>> > >state: absent
>> > >regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(?> }}))+\s*?)(\n?)$'
>> > >line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy
>> aman.saxena\2'
>> > >validate: /usr/sbin/sshd -t -f %s
>> > >
>> > Permission denied: '/etc/ssh/sshd_config'
>> >
>> > The ansible user can't edit the file, so try "become_user: root" in
>> your task.
>> >
>> > Regards
>> > Racke
>> >
>> > > I'm facing below error,
>> > > SSH password:
>> > > 1
>> > > BECOME password[defaults to SSH password]:
>> > > 2
>> > > 3
>> > > PLAY [all]
>> *12:45:29
>>
>>
>> > > 4
>> > > 5
>> > > TASK [Gathering Facts]
>> *12:45:29
>> > > 6
>> > > ok: [172.16.13.254]
>> > > 7
>> > > 8
>> > > TASK [add a user to the list of AllowUsers if not present]
>> *12:45:31
>> > > 9
>> > > An exception occurred during task execution. To see the full
>> traceback, use -vvv. The error was: IOError: [Errno 13] Permission denied:
>> '/etc/ssh/sshd_config'
>> > > 10
>> > > fatal: [172.16.13.254]: FAILED! => {"changed": false,
>> "module_stderr": "Shared connection to 172.16.13.254 closed.\r\n",
>> "module_stdout": "Traceback (most recent call last):\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>>
>> line 102, in \r\n _ansiballz_main()\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>>
>> line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path,
>> ANSIBALLZ_PARAMS)\r\n File
>> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>>
>> line 40, in invoke_module\r\n
>> runpy.run_module(mod_name='ansible.modules.files.lineinfile',
>> init_globals=None, run_name='__main__', alter_sys=True)\r\n File
>> \"/usr/lib64/python2.7…
>> > > 11
>> > > 12
>> > > PLAY RECAP
>> *12:45:32
>>
>>
>> > > 13
>> > > 172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0
>> rescued=0 ignored=0
>> > > --
>> > > You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> > > To unsubscribe from this group and stop receiving emails from it,
>> send an email to ansible-proje...@googlegroups.com.
>> > > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com
>>
>> <
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email_source=footer
>>
>> <
>> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email_source=footer>>.
>>
>>
>> >
>> >
>> > --
>> > Automation expert - Ansible and friends
>> > Linux administrator & Debian maintainer
>> > Perl Dancer & conference hopper
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an email to ansible-proje...@googlegroups.com.
>> > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com
>>
Re: [ansible-project] sudo privilege's are not working
what is mean by IMHO
how can i execute all commands through playbook by a normal user with root
access.
On Tuesday, 14 June 2022 at 14:14:33 UTC+5:30 ra...@linuxia.de wrote:
> On 14/06/2022 10:21, 'Shivakumar Venkataswamy' via Ansible Project wrote:
> > ansible is user account we created and member of sudor's (
> /etc/sudoers) with full privileges' same as root.
> >
> IMHO the privileges are only the same when using the "sudo" command.
>
> Regards
>
> Racke
>
>
> >
> > On Tuesday, 14 June 2022 at 13:16:48 UTC+5:30 ra...@linuxia.de wrote:
> >
> > On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project wrote:
> > > Hi team,
> > > look at my playbook
> > > ---
> > > - hosts: all
> > >become: true
> > >become_user: ansible
> > >tasks:
> > >- name: add a user to the list of AllowUsers if not present
> > > vars:
> > >usernames:
> > > - shivakumar.venkataswamy
> > > - karthik.reddy
> > > - aman.saxena
> > > lineinfile:
> > >path: /etc/ssh/sshd_config
> > >backrefs: yes
> > >backup: yes
> > >state: absent
> > >regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(? }}))+\s*?)(\n?)$'
> > >line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy
> aman.saxena\2'
> > >validate: /usr/sbin/sshd -t -f %s
> > >
> > Permission denied: '/etc/ssh/sshd_config'
> >
> > The ansible user can't edit the file, so try "become_user: root" in your
> task.
> >
> > Regards
> > Racke
> >
> > > I'm facing below error,
> > > SSH password:
> > > 1
> > > BECOME password[defaults to SSH password]:
> > > 2
> > > 3
> > > PLAY [all]
> *12:45:29
> > > 4
> > > 5
> > > TASK [Gathering Facts]
> *12:45:29
> > > 6
> > > ok: [172.16.13.254]
> > > 7
> > > 8
> > > TASK [add a user to the list of AllowUsers if not present]
> *12:45:31
> > > 9
> > > An exception occurred during task execution. To see the full
> traceback, use -vvv. The error was: IOError: [Errno 13] Permission denied:
> '/etc/ssh/sshd_config'
> > > 10
> > > fatal: [172.16.13.254]: FAILED! => {"changed": false, "module_stderr":
> "Shared connection to 172.16.13.254 closed.\r\n", "module_stdout":
> "Traceback (most recent call last):\r\n File
> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>
> line 102, in \r\n _ansiballz_main()\r\n File
> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>
> line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path,
> ANSIBALLZ_PARAMS)\r\n File
> \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
>
> line 40, in invoke_module\r\n
> runpy.run_module(mod_name='ansible.modules.files.lineinfile',
> init_globals=None, run_name='__main__', alter_sys=True)\r\n File
> \"/usr/lib64/python2.7…
> > > 11
> > > 12
> > > PLAY RECAP
> *12:45:32
> > > 13
> > > 172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0
> rescued=0 ignored=0
> > > --
> > > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > > To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-proje...@googlegroups.com.
> > > To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com
>
> <
> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email_source=footer
>
> <
> https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com?utm_medium=email_source=footer
> >>.
> >
> >
> > --
> > Automation expert - Ansible and friends
> > Linux administrator & Debian maintainer
> > Perl Dancer & conference hopper
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-proje...@googlegroups.com.
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com
>
> <
> https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com?utm_medium=email_source=footer
> >.
>
>
> --
> Automation expert - Ansible and friends
> Linux administrator & Debian maintainer
> Perl Dancer & conference hopper
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from
Re: [ansible-project] sudo privilege's are not working
On 14/06/2022 10:21, 'Shivakumar Venkataswamy' via Ansible Project wrote:
ansible is user account we created and member of sudor's ( /etc/sudoers) with
full privileges' same as root.
IMHO the privileges are only the same when using the "sudo" command.
Regards
Racke
On Tuesday, 14 June 2022 at 13:16:48 UTC+5:30 ra...@linuxia.de wrote:
On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project wrote:
> Hi team,
> look at my playbook
> ---
> - hosts: all
> become: true
> become_user: ansible
> tasks:
> - name: add a user to the list of AllowUsers if not present
> vars:
> usernames:
> - shivakumar.venkataswamy
> - karthik.reddy
> - aman.saxena
> lineinfile:
> path: /etc/ssh/sshd_config
> backrefs: yes
> backup: yes
> state: absent
> regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(? line: 'AllowUsers\1 shivakumar.venkataswamy karthik.reddy
aman.saxena\2'
> validate: /usr/sbin/sshd -t -f %s
>
Permission denied: '/etc/ssh/sshd_config'
The ansible user can't edit the file, so try "become_user: root" in your
task.
Regards
Racke
> I'm facing below error,
> SSH password:
> 1
> BECOME password[defaults to SSH password]:
> 2
> 3
> PLAY [all]
*12:45:29
> 4
> 5
> TASK [Gathering Facts]
*12:45:29
> 6
> ok: [172.16.13.254]
> 7
> 8
> TASK [add a user to the list of AllowUsers if not present]
*12:45:31
> 9
> An exception occurred during task execution. To see the full traceback,
use -vvv. The error was: IOError: [Errno 13] Permission denied:
'/etc/ssh/sshd_config'
> 10
> fatal: [172.16.13.254]: FAILED! => {"changed": false, "module_stderr": "Shared connection to 172.16.13.254 closed.\r\n",
"module_stdout": "Traceback (most recent call last):\r\n File
\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 102, in \r\n _ansiballz_main()\r\n
File \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 94, in _ansiballz_main\r\n
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File
\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 40, in invoke_module\r\n
runpy.run_module(mod_name='ansible.modules.files.lineinfile', init_globals=None, run_name='__main__', alter_sys=True)\r\n File \"/usr/lib64/python2.7…
> 11
> 12
> PLAY RECAP
*12:45:32
> 13
> 172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0
ignored=0
> --
> You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com
>.
--
Automation expert - Ansible and friends
Linux administrator & Debian maintainer
Perl Dancer & conference hopper
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/2ea9555c-aa77-4f44-8ef7-e68946e80917n%40googlegroups.com
.
--
Automation expert - Ansible and friends
Linux administrator & Debian maintainer
Perl Dancer & conference hopper
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/2ce21b25-df75-0483-ac58-1a21affd03bc%40linuxia.de.
OpenPGP_signature
Description: OpenPGP digital signature
Re: [ansible-project] sudo privilege's are not working
On 14/06/2022 09:16, 'Shivakumar Venkataswamy' via Ansible Project wrote:
Hi team,
look at my playbook
---
- hosts: all
become: true
become_user: ansible
tasks:
- name: add a user to the list of AllowUsers if not present
vars:
usernames:
- shivakumar.venkataswamy
- karthik.reddy
- aman.saxena
lineinfile:
path: /etc/ssh/sshd_config
backrefs: yes
backup: yes
state: absent
regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(?
Permission denied: '/etc/ssh/sshd_config'
The ansible user can't edit the file, so try "become_user: root" in your task.
Regards
Racke
I'm facing below error,
SSH password:
1
BECOME password[defaults to SSH password]:
2
3
PLAY [all]
*12:45:29
4
5
TASK [Gathering Facts]
*12:45:29
6
ok: [172.16.13.254]
7
8
TASK [add a user to the list of AllowUsers if not present]
*12:45:31
9
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: IOError: [Errno 13] Permission denied:
'/etc/ssh/sshd_config'
10
fatal: [172.16.13.254]: FAILED! => {"changed": false, "module_stderr": "Shared connection to 172.16.13.254 closed.\r\n",
"module_stdout": "Traceback (most recent call last):\r\n File
\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 102, in \r\n
_ansiballz_main()\r\n File \"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 94, in
_ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File
\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\", line 40, in invoke_module\r\n
runpy.run_module(mod_name='ansible.modules.files.lineinfile', init_globals=None, run_name='__main__', alter_sys=True)\r\n File \"/usr/lib64/python2.7…
11
12
PLAY RECAP
*12:45:32
13
172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0
ignored=0
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com
.
--
Automation expert - Ansible and friends
Linux administrator & Debian maintainer
Perl Dancer & conference hopper
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/73f0f858-f5e5-0b8c-cf95-874386d29e98%40linuxia.de.
OpenPGP_signature
Description: OpenPGP digital signature
[ansible-project] sudo privilege's are not working
Hi team,
look at my playbook
---
- hosts: all
become: true
become_user: ansible
tasks:
- name: add a user to the list of AllowUsers if not present
vars:
usernames:
- shivakumar.venkataswamy
- karthik.reddy
- aman.saxena
lineinfile:
path: /etc/ssh/sshd_config
backrefs: yes
backup: yes
state: absent
regexp: '^AllowUsers((?:(?:\s+\S+(?!\S))(? {"changed": false, "module_stderr":
"Shared connection to 172.16.13.254 closed.\r\n", "module_stdout":
"Traceback (most recent call last):\r\n File
\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
line 102, in \r\n _ansiballz_main()\r\n File
\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
line 94, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path,
ANSIBALLZ_PARAMS)\r\n File
\"/home/ansible/.ansible/tmp/ansible-tmp-1655190931.6542027-6944-29566285149733/AnsiballZ_lineinfile.py\",
line 40, in invoke_module\r\n
runpy.run_module(mod_name='ansible.modules.files.lineinfile',
init_globals=None, run_name='__main__', alter_sys=True)\r\n File
\"/usr/lib64/python2.7…
11
12
PLAY RECAP
*12:45:32
13
172.16.13.254 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0
ignored=0
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/551f8529-2fc7-409c-bac9-06216fb7c6d5n%40googlegroups.com.
