I have 2 users: dashadmin and dash. I have my target machine with settings that only allow access as the privileged user dashadmin; root ssh has been locked. For security reasons I would like to keep user dash unprivileged.

I am trying to administer a user account dash and run a command that requires using the unprivileged user dash because the command requires a conf file in the user's home path...

Here is the play

```yaml
- name: generate bls privatekey
  command: dash-cli bls generate
  become: yes
  become_user: dash
  register: bls
```

I get this error:

```
TASK [dashmn : After dashd started, generate masternode bls private key] ***************************************
fatal: [78.141.219.106]: FAILED! => {"msg": "Failed to set permissions on the temporary files Ansible needs to create when becoming an unprivileged user (rc: 1, err: chown: changing ownership of '/var/tmp/ansible-tmp-1594229288.4458573-404302-256218153903862/': Operation not permitted\nchown: changing ownership of '/var/tmp/ansible-tmp-1594229288.4458573-404302-256218153903862/AnsiballZ_command.py': Operation not permitted\n}). For information on working around this, see https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user"}
```

2 questions:

1. What is the best way to run this command/bypass this error?
2. What is the best way to store the output for later use?

unchained
  • 1) Your drush user does not have write access on /var/tmp, see the doc page pointed to by your error: https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user – β.εηοιτ.βε Jul 08 '20 at 17:53
  • 2) You should look at either [Ansible Tower](https://www.ansible.com/products/tower) or its open source version [Ansible Tower AWX](https://github.com/ansible/awx) – β.εηοιτ.βε Jul 08 '20 at 17:55

1 Answer

I think I found a way to avoid this: I will add the unprivileged user to the sudoer list during setup and remove it from the sudoer list after everything is installed.

unchained
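An alternative that keeps dash out of sudoers entirely, shown as an added example that is not part of the original question or answer: with POSIX ACL tools installed on the target, Ansible can grant the become user access to its temporary files with setfacl instead of the chown that fails in the error above, which is one of the options on the documentation page the error links to. The Debian/Ubuntu `apt` task, the `secrets/` directory and the output file name are assumptions; the key is registered with `no_log` and written to the controller with owner-only permissions for later use.

```yaml
# Added example, not the poster's role. Assumes a Debian/Ubuntu target and
# that the connection user (dashadmin) is allowed to sudo to root and to dash.
- name: Install ACL tools so Ansible can share temp files with setfacl
  apt:
    name: acl
    state: present
  become: yes                 # root, via dashadmin's sudo rights

- name: generate bls privatekey
  command: dash-cli bls generate
  become: yes
  become_user: dash           # dash itself never gets sudo rights
  register: bls
  changed_when: true
  no_log: true                # the output is private key material

- name: Create an owner-only directory on the controller (assumed path)
  file:
    path: "{{ playbook_dir }}/secrets"
    state: directory
    mode: "0700"
  delegate_to: localhost
  become: no
  run_once: true

- name: Store the registered output on the controller for later use
  copy:
    content: "{{ bls.stdout }}"
    dest: "{{ playbook_dir }}/secrets/{{ inventory_hostname }}-bls.out"  # assumed name
    mode: "0600"
  delegate_to: localhost
  become: no
  no_log: true
```

Later tasks in the same run can read `bls.stdout` directly; encrypting the stored file with `ansible-vault encrypt` keeps it protected at rest on the controller.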