user is not allowed to execute '/bin/sh -c echo BECOME-SUCCESS

Riahi_Mohamed-Amine · September 28, 2018, 10:57pm

Hi

i’m trying to run may first playbook with become_user : cftadmin and i got this error msg :

fatal: [ANS_IAWGAP01]: FAILED! => {“changed”: false, “module_stderr”: “Failed to add the host to the list of known hosts (/tmp/$USER/ansible/configuration/known_hosts).\r\nSorry, user C405372 is not allowed to execute ‘/bin/sh -c echo BECOME-SUCCESS-yzuuugnflqcoylvtkjanapdugeokgrat; /usr/bin/python’ as cftadmin on iawgap01.\n”, “module_stdout”: “”, “msg”: “MODULE FAILURE”, “rc”: 1}

i put pipeline = True in ssh section :

ssh_args = -o GSSAPIAuthentication=yes -o UserKnownHostsFile=/tmp/$USER/ansible/configuration/known_hosts
scp_if_ssh=True
pipelining = true

can someone help me please ?

system · October 11, 2018, 7:04pm

It is a privilege escalation issue, recommend reading
https://docs.ansible.com/ansible/latest/user_guide/become.html
more specifically
https://docs.ansible.com/ansible/latest/user_guide/become.html#can-t-limit-escalation-to-certain-commands

Topic		Replies	Views
Ansible - Failed to add the host to the list of known hosts Ansible Developer	2	0	September 29, 2018
Sorry, user xxxxx is not allowed to execute '/bin/sh -c echo BECOME-SUCCESS Ansible Project	3	1	November 14, 2016
become module executable shell problem Ansible Project	1	2	November 14, 2016
user is not allowed to execute '/bin/sh -c Ansible Project	3	0	November 10, 2015
Become_user whose shell is /usr/sbin/nologin in Ansible 2.4 Ansible Project	9	0	October 5, 2017

user is not allowed to execute '/bin/sh -c echo BECOME-SUCCESS

Related topics