我正在尝试运行一个非常简单的剧本来测试新的Ansible设置。
在我的ansible.cfg文件中使用'new'Ansible Privilege Escalation配置选项时:
[defaults]
host_key_checking=false
log_path=./logs/ansible.log
executable=/bin/bash
#callback_plugins=./lib/callback_plugins
######
[privilege_escalation]
become=True
become_method='sudo'
become_user='tstuser01'
become_ask_pass=False
[ssh_connection]
scp_if_ssh=True
我收到以下错误:
fatal: [webserver1.local] => Internal Error: this module does not support running commands via 'sudo'
FATAL: all hosts have already failed -- aborting
剧本也很简单:
# Checks the hosts provisioned by midrange
---
- name: Test su connecting as current user
hosts: all
gather_facts: no
tasks:
- name: "sudo to configued user -- tstuser01"
#action: ping
command: /usr/bin/whoami
我不确定Ansible 1.9.1中是否存在某些问题或者我是否做错了什么。当然,Ansible中的“命令”模块允许以sudo的形式运行命令。
答案 0 :(得分:30)
问题在于配置;我还以it为例,遇到了同样的问题。玩了一段时间后,我注意到以下工作:
1)弃用sudo:
---
- hosts: all
sudo: yes
gather_facts: no
tasks:
- name: "sudo to root"
command: /usr/bin/whoami
2)新的become
---
- hosts: all
become: yes
become_method: sudo
gather_facts: no
tasks:
- name: "sudo to root"
command: /usr/bin/whoami
3)使用ansible.cfg:
[privilege_escalation]
become = yes
become_method = sudo
然后在剧本中:
---
- hosts: all
gather_facts: no
tasks:
- name: "sudo to root"
command: /usr/bin/whoami
因为你“变成”tstuser01(不是像我这样的根),请播放一下,可能也不应该引用用户名:
become_user = tstuser01
至少这是我在ansible.cfg中定义remote_user的方式,它有效...我的问题已解决,希望你的问题
答案 1 :(得分:0)
我认为您应该在hosts部分使用sudo指令,以便后续任务可以使用sudo权限运行,除非您在任务中明确指定了sudo:no。
这是我修改为使用sudo指令的剧本。
# Checks the hosts provisioned by midrange
---
- hosts: all
sudo: yes
gather_facts: no
tasks:
- name: "sudo to configued user -- tstuser01"
command: /usr/bin/whoami