Can -K be avoided and user password be placed inside playbook?

I have avery basic playbook which adds 2 users to localhost. Running the playbook with -K works fine but I am trying to make it run by introducing the become variables inside the playbook but it is not working. I tried
become_password = “mypassword”, it did not help. Then I write teh password inside a file in a directory host_vars in the root folder as you can see hereunder did not help neither.

image574×507 60.1 KB

I always get an error of permission denied as playbook was not able to retrieve password or user as follows
“msg”: “useradd: Permission denied.\nuseradd: cannot lock /etc/group; try again later.\n”, “name”: “testuser1”, “rc”: 10}

Thanks for your help

The variable is called ansible_become_password and can be given to the playbook with --extra-vars or in host_vars//group_vars files.

(I’ll skip the warning about how much of a bad idea it is to put passwords somewhere in clear text and how Vault could be used, yadda yadda.)

Sorry jpmens, this is a test environment and trying different ways.

I changed to ansible_become_password in the file but it is not recognized. Reverted back to naming it become_password and creating localhost file in host_vars with only 1 line with the password but it did not help

Both ansible_become_password and become_password are not recognized in the playbook

You are become_user: salam, effectively becoming salam.

Modifying users require root privileges.

If you remove become_user or set it to root you should be golden.

See https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_privilege_escalation.html#become-directives