I have set up an Ansible user that can log in with an SSH key and sudo su - with no password, but this appears not to work.

How do I fault find such an issue?

[svc_build@vuwunicorhsat01 ~]$ ansible-playbook site.yml

PLAY [build] *****************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************
fatal: [vuwunicopatch8a.ods.vuw.ac.nz]: FAILED! => {"changed": false, "module_stderr": "Shared connection to vuwunicopatch8a.ods.vuw.ac.nz closed.\r\n", "module_stdout": "sudo: a password is required\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
to retry, use: --limit @/home/svc_build/site.retry

PLAY RECAP *******************************************************************************************************************************************************************
vuwunicopatch8a.ods.vuw.ac.nz : ok=0 changed=0 unreachable=0 failed=1

[svc_build@vuwunicorhsat01 ~]$ ssh vuwunicopatch8a.ods.vuw.ac.nz -l svc_build
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Wed Aug 14 08:26:56 2019 from 10.100.32.67
[svc_build@vuwunicopatch8a ~]$ sudo su -
Last login: Wed Aug 14 08:20:20 NZST 2019 on pts/0
[root@vuwunicopatch8a ~]# ^C
[root@vuwunicopatch8a ~]# logout
[svc_build@vuwunicopatch8a ~]$ logout
Connection to vuwunicopatch8a.ods.vuw.ac.nz closed.
[svc_build@vuwunicorhsat01 ~]$ more site.yml

Hi Steven,

Hi,

Thanks, but I do not use a local sudoers file but sudo to root via Red Hat’s IPA. It works OK now; the sssd setup was corrupted, or an ongoing bug maybe. Normally I’d expect something to appear in /var/log/secure, but not in this case, hence the confusion.