I have an ansible playblook running some tasks for my user, which I log in through ssh.
The user has root privileges by running following command in the terminal:
dzdo su -
It’s actually the only way (no sudo, no root password) to get root access.
Now, what I want to do is to switch my user to root at a certain point in my ansible-playbook, using this dzdo su - behavior.
How to do this?
as a workaround, you can change the file permission on linux to act as root for your target area.
That sounds like throwing all security out of the window.
Please refrain from giving this kind of useless advice...
Use become_method=dzdo
If they literally require you to type "dzdo su -", then you should talk to your security folks to get a saner policy. (There's likely hacks that can be done, but "hacks")
V/r,
James Cassell
oh yea? how’s that? Please do explain!
It’s the only way and there won’t be a change in the process soon, so I need to deal with it.
They provide me a VM with a login, where I only can have root access to login with the command dzdo su - for 1 week to prepare the VM for real usage.
I use this temporary dzdo root access to install sudo for further usage.
To automate this process I need to write an ansible playbook.
And I tried to use become_method=dzdo but this fails during the run of the playbook.
I think because I still need to specify the su - part of it.
Thanks
Hi,
Could you try this, before you want the task done with dzdo previleges.
become: yes
become_method: dzdo
It's the only way and there won't be a change in the process soon, so I need to deal with it.
They provide me a VM with a login, where I only can have root access to login with the command *dzdo su -* for 1 week to
prepare the VM for real usage.
I use this temporary dzdo root access to install sudo for further usage.
To automate this process I need to write an ansible playbook.
And I tried to use *become_method=dzdo *but this fails during the run of the playbook.
I think because I still need to specify the *su - *part of it.
You can try
become_flags: 'su -'
And please post the error message if it still fails.
Regards
Racke
I followed your suggestions, thanks for that.
I have now following task:
`
When I run my playbook, it fails with following error message.
fatal: [10.7.201.114]: FAILED! => {“changed”: false, “module_stderr”: “”, “module_stdout”: “”, “msg”: “MODULE FAILURE\nSee stdout/stderr for the exact error”, “rc”: 1}
Hi,
Does it requires become_flags? Could you try commenting out that one.
As requested I commented out the become_flags, which gives me the following task:
`
And this gives as result the same error
fatal: [10.7.201.114]: FAILED! => {“changed”: false, “module_stderr”: “”, “module_stdout”: “”, “msg”: “MODULE FAILURE\nSee stdout/stderr for the exact error”, “rc”: 1}
Hi,
Seems related to the particular module you are trying to use here.
Could you try performing this manually by ansible i.e. not by using playbook with debug mode enabled and see what error u see.
I would assume that you could run with -vvv and it will show you the stdout/stderr that indicates the failure in execution.