bash Ansible 1.9.1 'become' 和 sudo 问题
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/29966201/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Ansible 1.9.1 'become' and sudo issue
提问by ilium007
I am trying to run an extremely simple playbook to test a new Ansible setup.
我正在尝试运行一个非常简单的剧本来测试新的 Ansible 设置。
When using the 'new' Ansible Privilege Escalation config options in my ansible.cfg file:
在我的 ansible.cfg 文件中使用“新的”Ansible 权限提升配置选项时:
[defaults]
host_key_checking=false
log_path=./logs/ansible.log
executable=/bin/bash
#callback_plugins=./lib/callback_plugins
######
[privilege_escalation]
become=True
become_method='sudo'
become_user='tstuser01'
become_ask_pass=False
[ssh_connection]
scp_if_ssh=True
I get the following error:
我收到以下错误:
fatal: [webserver1.local] => Internal Error: this module does not support running commands via 'sudo'
FATAL: all hosts have already failed -- aborting
The playbook is also very simple:
剧本也很简单:
# Checks the hosts provisioned by midrange
---
- name: Test su connecting as current user
hosts: all
gather_facts: no
tasks:
- name: "sudo to configued user -- tstuser01"
#action: ping
command: /usr/bin/whoami
I am not sure if there is something broken in Ansible 1.9.1 or if I am doing something wrong. Surely the 'command' module in Ansible allows running commands as sudo.
我不确定 Ansible 1.9.1 是否有问题,或者我做错了什么。当然,Ansible 中的“命令”模块允许以 sudo 身份运行命令。
回答by Maxym
The issue is with configuration; I also took itas an example and got the same problem. After playing awhile I noticed that the following works:
问题在于配置;我也以它为例,遇到了同样的问题。玩了一段时间后,我注意到以下工作:
1) deprecated sudo:
1) 已弃用sudo:
---
- hosts: all
sudo: yes
gather_facts: no
tasks:
- name: "sudo to root"
command: /usr/bin/whoami
2) new become
2) 新的 become
---
- hosts: all
become: yes
become_method: sudo
gather_facts: no
tasks:
- name: "sudo to root"
command: /usr/bin/whoami
3) using ansible.cfg:
3)使用ansible.cfg:
[privilege_escalation]
become = yes
become_method = sudo
and then in a playbook:
然后在剧本中:
---
- hosts: all
gather_facts: no
tasks:
- name: "sudo to root"
command: /usr/bin/whoami
since you "becoming" tstuser01 (not a root like me), please play a bit, probably user name should not be quoted too:
既然你“成为”了 tstuser01(不是像我这样的 root),请玩一下,可能用户名也不应该被引用:
become_user = tstuser01
at least this is the way I define remote_user in ansible.cfg and it works... My issue resolved, hope yours too
至少这是我在 ansible.cfg 中定义 remote_user 的方式并且它有效......我的问题解决了,希望你也一样
回答by James Oguya
I think you should use the sudodirective in the hosts section so that subsequent tasks can run with sudo privileges unless you explicitly specified sudo:noin a task.
我认为您应该使用sudohosts 部分中的指令,以便后续任务可以使用 sudo 权限运行,除非您sudo:no在任务中明确指定。
Here's your playbook that I've modified to use sudodirective.
这是我修改为使用sudo指令的剧本。
# Checks the hosts provisioned by midrange
---
- hosts: all
sudo: yes
gather_facts: no
tasks:
- name: "sudo to configued user -- tstuser01"
command: /usr/bin/whoami
