not able to create file using a user which has sudo rights - ansible

From cli I can create a file with sudo, and it won't ask for the password.
My new user does not have any password.
But when I use ansible it is not prompting for the password but giving error irrespective of a user has a password or not.
I even use--ask-pass but it is not working
- hosts: localhost
become: true
become_user: test-user
tasks:
- file:
path: "/tmp/test/rryyuu"
state: touch
ERROR:
fatal: [localhost]: FAILED! => {"ansible_facts": {}, "changed": false,
"failed_modules": {"setup": {"failed": true, "module_stderr": "sudo: a
password is required\n", "module_stdout": "", "msg": "MODULE
FAILURE\nSee stdout/stderr for the exact error", "rc": 1}}, "msg":
"The following modules failed to execute: setup\n"}

Related

I get an error when executing shell commands in ansible

- name: ls
shell: "ls"
I seem to get an error when I try to execute the shell command
Do I need to install anything?
FAILED! => {"changed": false, "cmd": "'/bin/bash -l' -c ls", "msg": "[Errno 2] No such file or directory: b'/bin/bash -l': b'/bin/bash -l'", "rc": 2, "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
I get the same error with cron.
- name: set cron
cron:
user: operation
name: hoge
special_time: reboot
job: "sh hoge.sh"
I am running on a mac and the installation is based on the following
https://docs.ansible.com/ansible/2.9_ja/installation_guide/intro_installation.html#from-pip

Ansible become user cannot run the command

My yml:
---
- hosts: all
gather_facts: yes
become: yes
become_method: sudo
become_user: or{{sid}}
tasks:
- name: Check the id
shell: whoami
register: id
Error:
fatal: [exlodbadm04 ]: FAILED! => {"changed": false, "module_stderr": "Shared connection to exlodbadm04 closed.\r\n", "module_stdout": "\r\nSorry, user tkounain is not allowed to execute '/bin/sh -c echo BECOME-SUCCESS-oaagrwuwwvqysbkjdrksyihaplvrowyf; /usr/bin/python /tmp/ansible-tmp-1575536551.48-205039480507144/setup.py' as oranew on ogexlonqdbadm04.og.ge.com.\r\n", "msg": "MODULE FAILURE", "rc": 1}
Im running it like this:
ansible-playbook tk.yml -e "sid=anew" --ask-sudo-pass --ask-pass

unable to fetch a binary path with ansible shell module

Team,
Works locally on my laptop manually but fails only when calling via ansible. Is ansible looking at it in different shell? I have ansible controller as MAC book.
I am trying to store the path of a binary in register variable but shell command is not executing.
- name: "Find kubectl binary"
register: kubectl_path
shell: which kubectl
args:
executable: /bin/bash
output:
TASK [Find kubectl binary] ***************************************************************************************************************
fatal: [target1]: FAILED! => {"changed": true, "cmd": "which kubectl", "delta": "0:00:00.007541", "end": "2019-10-01 17:17:45.515963", "msg": "non-zero return code", "rc": 1, "start": "2019-10-01 17:17:45.508422", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}

Ansible task fails, when creating extensions

While provisioning via Vagrant and Ansible I keep running into this issue.
TASK [postgresql : Create extensions] ******************************************
failed: [myapp] (item=postgresql_extensions) => {"changed": true, "cmd": "psql myapp -c 'CREATE EXTENSION IF NOT EXISTS postgresql_extensions;'", "delta": "0:00:00.037786", "end": "2017-04-01 08:37:34.805325", "failed": true, "item": "postgresql_extensions", "rc": 1, "start": "2017-04-01 08:37:34.767539", "stderr": "ERROR: could not open extension control file \"/usr/share/postgresql/9.3/extension/postgresql_extensions.control\": No such file or directory", "stdout": "", "stdout_lines": [], "warnings": []}
I'm using a railsbox.io generated playbook.
Turns out that railsbox.io is still using a deprecated syntax in the task.
- name: Create extensions
sudo_user: '{{ postgresql_admin_user }}'
shell: "psql {{ postgresql_db_name }} -c 'CREATE EXTENSION IF NOT EXISTS {{ item }};'"
with_items: postgresql_extensions
when: postgresql_extensions
The last line should use full jinja2 syntax.
when: '{{postgresql_extensions}}'

Ansible timezone module fails (different reasons on different OSes)

I decided to refactor some playbooks and give a try to the new timezone module.
The task I try is a verbatim copy of the example given in the manual page:
- name: set timezone to Asia/Tokyo
timezone:
name: Asia/Tokyo
It fails on each system I tried. Results for Vagrant machines:
On Debian 8 (debian/jessie64):
TASK [set timezone to Asia/Tokyo] **********************************************
fatal: [debian]: FAILED! => {"changed": false, "cmd": "/usr/bin/timedatectl set-timezone Asia/Tokyo", "failed": true, "msg": "Failed to set time zone: The name org.freedesktop.PolicyKit1 was not provided by any .service files", "rc": 1, "stderr": "Failed to set time zone: The name org.freedesktop.PolicyKit1 was not provided by any .service files\n", "stdout": "", "stdout_lines": []}
On CentOS 7 (centos/7) - different from Debian:
TASK [set timezone to Asia/Tokyo] **********************************************
fatal: [centos]: FAILED! => {"changed": false, "cmd": "/usr/bin/timedatectl set-timezone Asia/Tokyo", "failed": true, "msg": "Failed to set time zone: Interactive authentication required.", "rc": 1, "stderr": "Failed to set time zone: Interactive authentication required.\n", "stdout": "", "stdout_lines": []}
On Ubuntu 16.04 (ubuntu/xenial64) - same as CentOS, different from Debian:
TASK [set timezone to Asia/Tokyo] **********************************************
fatal: [ubuntu]: FAILED! => {"changed": false, "cmd": "/usr/bin/timedatectl set-timezone Asia/Tokyo", "failed": true, "msg": "Failed to set time zone: Interactive authentication required.", "rc": 1, "stderr": "Failed to set time zone: Interactive authentication required.\n", "stdout": "", "stdout_lines": []}
Am I missing something? Is there some dependency required?
timedatectl needs sudo privileges.
- name: set timezone to Asia/Tokyo
timezone:
name: Asia/Tokyo
become: yes
become_method: sudo
Check if dbus package is installed (tested on Ubuntu):
dpkg -l dbus
and install it with:
apt-get install -y dbus
else you get a error:
# /usr/bin/timedatectl
Failed to create bus connection: No such file or directory

Resources