i want to run basic command on solaris OS i.e whoami using become command.so am able to sudo to different user using putty successfully but facing issues via ansible.
OS:solaris
Sudo user:mygroup
sudo implementation:.usr/local/bin/sudo su - mygroup
Authentication:QAS(VAS)
Hi
In order to help we need the actual playbook or task that generates this (erroneous) output. So please provide that.
Also, your mentioning of ‘basic command whoami using become command’ indicates that you might be using a wrong approach.
So also tell us what you’re actually trying to achieve on the target system.
If this playbook would work, it would basically become a user, run
whoami, and the output would be the same as you told it to become.
Which I why I asked, please tell *what you are trying to achieve* on
the target system.
And by that I mean the real *end goal* - not that fact that you are
trying to figure out what user a null playbook is running at.
FYI, you're supposed to supply this information to ansible - not ask for it.
Despite the playbook not being very useful, one issue can be spot, and
that is that you configure the become_method as 'sudo' (which is the
default btw), but the error you got indicates that there is no sudo
command on the target system. So it looks like the concept of
privilege escalation is not totally clear, you might find it helpful
to read https://docs.ansible.com/ansible/latest/user_guide/become.html.
I just configured sudo_exe=/usr/local/bin/sudo su - sudousername in ansible.cfg now am getting timeout error as it expects AD account password.
In Solaris machine which is my target machine it uses QAS authentication service so when we login into machine using putty software we will login two stepsi.e first step as ssh into solaris via our username,password and second step enter sudo to other user by entering password so finally we are entering two times password which we are trying it in ansible.
You keep mixing up things here.
By "end goal" I meant really a target situation, whereby something is
changed/configured.
Just "sudo to target machine" doesn't make sense.
You SSH *to* a machine. And then you run a command, or a series of
commands, etc.
This is what ansible can automate for you.
Since most commands require elevated privileges, some ways to do that
are available when you're on the machine.
For instance sudo. Which optionally requires a username to sudo to
(default root). And optionally a password.
But all of this is done to run some useful task/program.
This is what you still have not told yet.
The new thread you started has yet again a confusing and insecure
playbook to find out what username you are using.
So can you please share what you are trying to achieve?
Since this appears to not be clear, here are some examples of what
Ansible is usually used for:
* Make sure a package is installed
* Make sure a configuration file is available
* Make sure a directory/file structure exists
With our solaris box so generally we try to login as our user by entering username and password and again we run sudo command to other user by entering password.
So here sudo expects password in interactively prompt way so how we can achieve this using ansible.
this is a problem `'/usr/local/bin/sudo su -p ` as 'su' does not take
-p parameter for prompting, its for 'preserve environment', you are
mixing privilege escalation tools and that is something that is not
supported by Ansible itself. https://docs.ansible.com/ansible/latest/user_guide/become.html