AWX user permission to use dns.resolve?

Archives AWX Project
1

Hi there,

I have to following strange problem.

User A has the execute permission on a template, but it seems to fail during dns.resolv

`

{
“msg”: “An unhandled exception occurred while running the lookup plugin ‘dig’. Error was a <class ‘ansible.errors.AnsibleError’>, original message: dns.resolver unhandled exception All nameservers failed to answer the query shop.blatter-papeterie.ch. IN A: Server 127.0.0.11 UDP port 53 answered SERVFAIL”,
“_ansible_no_log”: false
}

`

When I run the exact same template with a system administrator user, i works fine

`

{
“changed”: false,
“ansible_facts”: {
“url”: “shop.blatter-papeterie.ch”,
“url_points_to”: “194.88.197.40”
},
“_ansible_no_log”: false
}

`

The ansible code is rather simple

`

# Check if DNS can be resolved (otherwise Let’s encrypt won’t work)

  • set_fact:
    url: “{{ url | default(‘www.search.ch’) }}”
    url_points_to: “{{ lookup(‘dig’, ‘{{ url }}’) }}”

`

Is there a permission setting somewhere which I was unable to find?

Best regards,

Marc