0

I am trying to understand --become in order to use ansible to do some local task on my centos. I tried several ansible modules (copy, unarchive) with become that each result with diffetent kind of errors.

Platform used: centos 7

Ansible (installed in a python 3 virtual env) version:

(ansible) [maadam@linux update_centos]$ ansible --version
ansible 2.10.16
  config file = None
  configured module search path = ['/home/maadam/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/maadam/Sources/python/venv/ansible/lib64/python3.6/site-packages/ansible
  executable location = /home/maadam/Sources/python/venv/ansible/bin/ansible
  python version = 3.6.8 (default, Nov 16 2020, 16:55:22) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]

I tried to reproduice the example provided by @techraf in this issue to test become: Using --become for ansible_connection=local.

I used the same playbook:

---
- hosts: localhost
  gather_facts: no
  connection: local
  tasks:
    - command: whoami
      register: whoami
    - debug:
        var: whoami.stdout

So I hope the same result as this:

(ansible) [maadam@linux update_centos]$ sudo whoami
root

Whithout become:

ansible) [maadam@linux update_centos]$ ansible-playbook playbook.yml 
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost
does not match 'all'

PLAY [localhost] ***************************************************************************************

TASK [command] *****************************************************************************************
changed: [localhost]

TASK [debug] *******************************************************************************************
ok: [localhost] => {
    "whoami.stdout": "maadam"
}

PLAY RECAP *********************************************************************************************
localhost                  : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

With become I have this error:

(ansible) [maadam@linux update_centos]$ ansible-playbook playbook.yml --become
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost
does not match 'all'

PLAY [localhost] ***************************************************************************************

TASK [command] *****************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "/var/tmp/sclPip796: line 8: -H: command not found\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 127}

PLAY RECAP *********************************************************************************************
localhost                  : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

So I don't understand what I am missing with become.

Thanks for your helps

Garag
  • 101
  • 1
  • 1
  • 6
  • On what platform (Linux/Windows/Mac/something else) are you running Ansible? Have you set any options in `ansible.cfg`? Can you update your question to include the playbook with `become` so we can see exactly where you've placed it? – larsks Mar 11 '22 at 17:08
  • Hi, I haven't set any options on ansible.cfg. In the test, I didn't place become in the playbook, only use --become in the command line. – Garag Mar 14 '22 at 08:25

2 Answers2

0

in ansible.cfg file check for the become_method. you can use "sudo su -".

Venu Madhav Hari
  • 51
  • 1
  • 9
  • Hi, I put a file ansible.cfg in the same dir as my playbook: ``` (ansible) [maadam@linux update_centos]$ cat ansible.cfg [defaults] become_method = sudo su - ``` But I get the same error. – Garag Mar 14 '22 at 08:32
0

I don't know if I handle this correctly but if I run my playbook as root, I have no error:

(ansible) [maadam@linux update_centos]$ sudo ansible-playbook playbook.yml
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [localhost] **************************************************************************************************************************************************************************************************

TASK [command] ****************************************************************************************************************************************************************************************************
changed: [localhost]

TASK [debug] ******************************************************************************************************************************************************************************************************
ok: [localhost] => {
    "whoami.stdout": "root"
}

PLAY RECAP ********************************************************************************************************************************************************************************************************
localhost                  : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Not sure it is the right way to doing things in local with ansible. Sure if you are already root, no need for privilege escalation.

Garag
  • 101
  • 1
  • 1
  • 6