Potential Issue with privilege escalation for ldap accounts

Hi There! On a Unix platform, Ansible privilege escalation to the "root" account from an LDAP-connected account seems to have an issue for a passwordless "sudo su - root" setup.

I get the following error when the LDAP account tries to "sudo su - root" (with the become: yes setting).

failed: [hostname] (item={'failed': False, u'stat': {u'exists': False}, 'ansible_loop_var': u'item', 'item': u'/apache/2.4.46', u'invocation': {u'module_args': {u'follow': False, u'get_checksum': True, u'path': u'apache/2.4.46', u'checksum_algorithm': u'sha1', u'get_md5': False, u'get_mime': True, u'get_attributes': True}}, u'changed': False}) => {"ansible_loop_var": "item", "changed": false, "item": {"ansible_loop_var": "item", "changed": false, "failed": false, "invocation": {"module_args": {"checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/apache/2.4.46"}}, "item": "/apache/2.4.46", "stat": {"exists": false}}, "module_stderr": "Shared connection to closed.\r\n", "module_stdout": "\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

With password mode it works fine.

However, with local accounts this isn't an issue, with or without a password.

Can someone please suggest? TIA.

-N
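As an added diagnostic playbook (not part of the original post), the following checks whether non-interactive sudo to root actually works for the SSH login account before any task uses become, so a missing NOPASSWD rule or a tty requirement surfaces as a clear message instead of an opaque MODULE FAILURE. The inventory group name ldap_hosts is a placeholder, and the check assumes the default sudo become method, which Ansible runs with -n (never prompt).

```yaml
# Added diagnostic playbook, not from the original post. "ldap_hosts" is a
# placeholder inventory group; the path mirrors the one in the reported error.
- name: Verify passwordless sudo to root before relying on become
  hosts: ldap_hosts
  gather_facts: false
  tasks:
    - name: List what sudo grants the login user without prompting (-n)
      ansible.builtin.command: sudo -n -l
      register: sudo_list
      changed_when: false
      failed_when: false

    - name: Show sudo's own explanation when it refuses to run non-interactively
      ansible.builtin.debug:
        msg: "sudo -n -l failed on {{ inventory_hostname }}: {{ sudo_list.stderr }}"
      when: sudo_list.rc != 0

    - name: Try the same escalation shape Ansible uses (sudo to root, no tty, no prompt)
      ansible.builtin.command: sudo -n -H -u root true
      register: sudo_root
      changed_when: false
      failed_when: false

    - name: Stop with an actionable message instead of letting become fail later
      ansible.builtin.fail:
        msg: >-
          Passwordless sudo to root is not available for the login account on
          {{ inventory_hostname }} (rc={{ sudo_root.rc }}). Check the NOPASSWD
          rule for this user or group and any requiretty default in sudoers
          before using become on this host.
      when: sudo_root.rc != 0

    # Only reached when the non-interactive path works, so a stat failure here
    # is about the path, not about privilege escalation.
    - name: Escalate only after the check has passed
      ansible.builtin.stat:
        path: /apache/2.4.46
      become: true
      become_user: root
      register: apache_dir
```

Run it with the same connection user as the failing play; if the fail task fires, the problem is in the host's sudo policy for that account, not in the play that follows.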