**/usr/sbin/visudo - : No such file or directory error **.
While execute AWX template, we are getting above error, this template will validate list of sudoers files stored in project files path then move it to server path.
kubectl version
Client Version: v1.29.6+k3s2
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.29.6+k3s2
AWX 24.6.1
[root@server1 ~]# podman run -it quay.io/ansible/awx-ee:24.6.1 bash
bash-5.1$ ls -l /usr/sbin/
Display all 126 possibilities? (y or n)
bash-5.1$ ls -l /usr/sbin/visudo
ls: cannot access '/usr/sbin/visudo': No such file or directory
bash-5.1$
````
[root@server1 ~]# podman run -it quay.io/ansible/awx-ee:24.6.1 bash
bash-5.1$ ls -l /usr/sbin/
Display all 126 possibilities? (y or n)
bash-5.1$ ls -l /usr/sbin/visudo
ls: cannot access '/usr/sbin/visudo': No such file or directory
bash-5.1$
````
Are you trying to edit something with visudo locally inside your execution environment container or on a remote host? If you’re trying to edit on a remote host, delegating to 127.0.0.1 will just attempt to edit the file there inside the container and not on your target. If you’re trying to edit a file in your container, why not edit the image itself?
I think I understand your problem. You’re trying to valiidate a sudoers file thats in your project, which is actually inside the EE at run time. Unless you build a custom EE, you cannot validate in the manner you’re trying to do. Instead of trying to validate first using the shell module, use the copy module instead:
# This will never work from an inside an EE unless you build a custom EE.
- name: Validate sudoers files
shell: /usr/sbin/visudo -cf "{{ role_path }}/files/{{ item }}"
with_items:
- sudoers.file1
- sudoers.file2
- sudoers.file3
run_once: true
delegate_to: 127.0.0.1
changed_when: False
register: result
# What you should do is:
- name: Copy sudoers file over but validate the file first
ansible.builtin.copy
src: "{{ item }}"
dest: /etc/sudoers.d/{{ item }}"
mode: '0440'
owner: root
group: root
validate: /usr/sbin/visudo -csf %s
loop:
- sudoers.file1
- sudoers.file2
- sudoers.file3
Thank you @binbashroot for your analysis and suggestion.
i am using community.general module under my project’s collections folder, so i thought sudo will be taken care during execution time.
Regarding the Yml code
our intention is first validate the file locally and then copy to sudoers path based on some when condition and copy few files only , so i will try to refine the code and try again