Hi everybody, i need help please about escalation with sudo and the module ansible.posix.sysctl
In host_vars file :
ansible_user : admabord
ansible_password : xxxxx
ansible_become_user: admtech
ansible_become_password: xxxxx
ansible_become_method: sudo
In roles, tasks/main.yml
- name: Adjust value vm.swappiness
become: true
ansible.posix.sysctl:
name: vm.swappiness
value: '1'
state: present
sysctl_set: true
reload: true
register: swap
ignore_errors: true
- name: Debug vm.swappiness
# Comment
ansible.builtin.debug:
msg:
- "{{ swap }}"
In sudoers on remote server
admtech ALL = NOPASSWD: ALL
on remote server this is ok when use defaults ansible become flags
[admabord] $ sudo -H -S -p "xxxxxx" -u admtech /bin/sh -c "sudo touch /etc/test_file2"
[admabord] $ ll /etc/ |grep file2
-rw-r--r--. 1 root root 0 13 sept. 10:02 test_file2
or this is OK too
[admabord] $ sudo -H -S -p "admabord" -u admtech /bin/sh -c "sudo vi /etc/sysctl.conf"
the file sysctl.conf opened and i can write and save it
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
But this error appear with the tasks
"msg": "setting vm.swappiness failed: sysctl: permission denied on key 'vm.swappiness'\n"
I dont find what is my mistake
Is anybody has an idea please
Thanks,
Best regards