Script needs to be run as root error after already using become, become_user, and become_method

Question

Writing a task to run an install script and normally it would have to be run with : sudo ./install.sh

My task looks like:

    - name: Run the installer
      shell: "{{ tempdir_output.path }}/device_manager_osx*/install.sh"
      become: true
      become_method: sudo
      become_user: jenkins
      when: dm_version.stdout != device_manager_version

The error I am getting is:

TASK [Run the installer] **************************************************************************************************************
fatal: [mac-station-xx.firmware.xxxxxxx.com]: FAILED! => {"changed": true, "cmd": "/var/folders/l7/wjqfy72x1p7dd2d11qt6s_6h0000gp/T/ansible.ZuX4_Ttemp/device_manager_osx*/install.sh", "delta": "0:00:00.073814", "end": "2019-04-19 20:47:38.723407", "msg": "non-zero return code", "rc": 1, "start": "2019-04-19 20:47:38.649593", "stderr": "", "stderr_lines": [], "stdout": "ERROR: This script needs to be run as root.\nExample- sudo install.sh", "stdout_lines": ["ERROR: This script needs to be run as root.", "Example- sudo install.sh"]}

I have tried:

• Using just become: true to just get root permissions, but then the installer fails because it has to be installed under the jenkins user.

• Adding sudo in the shell ansible code block didn't work, it threw an error and said to use become methods.

Would appreciate any insight!

Answer 1

" have to be run with : sudo " and " has to be installed under the jenkins user." sound like contradiction to me.

the idea of installation script that supposed to run as some regular user, and have a part that needs to be run as superuser (sudo) does not seem consistent enough. It implies that the user granted sudo rights at least, which one have to ensure in advance anyways. (jenkins normally is not) The better way is decompose the installation into user and root parts and run them as separate tasks - that way you will not have "sudo after become" case that ansible i guess cannot handle by its design.

Alternatively, you may consider a reversed scenario when the installation starts as root, and does sudo to jenkins when required.

Answer 2

The bit of text in the Ansible output appears to be coming from the script itself:

ERROR: This script needs to be run as root.
Example- sudo install.sh

Without knowing what the install.sh script is doing, it's hard to say, but I suspect that it is expecting to run the commands inside as the "root" user.

If you or your team maintain the install.sh, it might be easier to move those steps into an Ansible playbook.