We have a fairly restrictive procedure for creating new CentOS 7 VMs on GCP.
- We create a VM from an image, then
- we log in with a so-called rescue user (let them be called `xyzRescue`) who has a very long password
- we `su` to `root` (`xyzRescue` does not have `sudo` rights), requiring another, different, very long password
- add an admin user and their SSH key and a `sudoers` entry for them

This works fine but is very slow.
I am trying to automate this with Ansible.
The attempt fails while gathering facts.
The command I use and its output are as follows:

```
$ ansible-playbook -i new.hosts -u xyzRescue --become-user root --ask-pass --ask-become-pass --become-method=su sudoers.yml
SSH password: <entered xyzRescue's password>
BECOME password[defaults to SSH password]: <entered root's password>
PLAY [Configure sudo rights] ***********************************************************************************************************************************
TASK [Gathering Facts] *****************************************************************************************************************************************
fatal: [avm-p]: FAILED! => {}
MSG:
Timeout (62s) waiting for privilege escalation prompt:
PLAY RECAP *****************************************************************************************************************************************************
avm-p : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
```

The ansible playbook looks like this:

```yaml
- name: Configure sudo rights
  hosts: new_hosts
  become: True
  become_method: su
  become_flags: "-"
  roles:
    - sudoers
```

I can't figure out what I am doing wrong. Any ideas?
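
The last manual step listed in the question (add an admin user, their SSH key and a `sudoers` entry), written as tasks for a role such as `sudoers`. This is an added example, not the poster's role and not part of the original post; the file layout and the variables `admin_user` and `admin_pubkey` are assumed placeholders, and `ansible.posix.authorized_key` requires the `ansible.posix` collection.

```yaml
# roles/sudoers/tasks/main.yml  (hypothetical layout)
# Assumed variables, supplied by the caller:
#   admin_user   - login name of the new admin (placeholder)
#   admin_pubkey - that user's SSH public key as a single line (placeholder)

- name: Refuse to run without a plausible user name and public key
  ansible.builtin.assert:
    that:
      - admin_user is defined
      # sudo skips drop-in files whose name contains '.' or ends in '~',
      # so reject such names before using them as a file name below.
      - admin_user is match('^[a-z_][a-z0-9_-]*$')
      - admin_pubkey is defined
      - admin_pubkey is match('^(ssh-|ecdsa-)')
    fail_msg: "Set admin_user and admin_pubkey before running this role"

- name: Create the admin account
  ansible.builtin.user:
    name: "{{ admin_user }}"
    shell: /bin/bash
    state: present

- name: Install the admin's SSH public key
  ansible.posix.authorized_key:
    user: "{{ admin_user }}"
    key: "{{ admin_pubkey }}"
    state: present

# This rule asks for the user's own password at sudo time, so the account
# needs a password set separately for sudo to be usable.
- name: Grant sudo through a drop-in file, syntax-checked before installation
  ansible.builtin.copy:
    dest: "/etc/sudoers.d/{{ admin_user }}"
    content: "{{ admin_user }} ALL=(ALL) ALL\n"
    owner: root
    group: root
    mode: "0440"
    # visudo -cf rejects a malformed file, so a typo cannot break sudo for
    # every user on the host.
    validate: /usr/sbin/visudo -cf %s
```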