I am attempting to automate placing node-exporter on some UAT servers. Our provided method of privilege escalation to our admin user is "sudo su - "
Ansible docs make it clear that chaining become methods isn't possible, but is there a workaround, as https://github.com/ansible/ansible/issues/12686 suggests there might be?
I have tried changing become vars to various values without any success; below is my last attempt, based on comment https://github.com/ansible/ansible/issues/12686#issuecomment-190797861
I've spent a couple days on this now, and I'm now desperate for any advice.
Host file
[uat]
<hostname> ansible_ssh_host=<ip> ansible_become_method=su ansible_become_exe="sudo su -"
Task in play
...
- block:
    - name: make directory for node-exporter binary
      file:
        path: "{{ item }}"
        state: directory
      with_items:
        - "/path/to/node_exporter/"
        - "/path/to/node_exporter/{{ node_exporter_file_version }}/"
    - name: Copy in node_exporter binaries
      copy:
        src: "/source/path/to/node-exporter/"
        dest: "/path/to/node_exporter/{{ node_exporter_file_version }}/"
        mode: 0755
  become: yes
  become_user: <adminusername>
Running with command
ansible-playbook -vvv -i hosts.yml -u myusername playbook.yml --key-file "/path/to/mykey/key.pem"
Expected output being that I am able to work around and switch users via "sudo su - "
Actual output
'/bin/sh -c '"'"'sudo su - <adminusername> -c '"'"'"'"'"'"'"'"'/bin/sh -c '"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-rxcfkqxtswaomrarlagdciztyugguruj; /usr/bin/python /var/tmp/ansible-tmp-1565704895.88-81237659333192/stat.py'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"' && sleep 0'"'"''
fatal: [<hostname>]: FAILED! => {
"msg": "Timeout (12s) waiting for privilege escalation prompt: "
}
From the output, it looks like it should be working. Thank you for reading.