sudo twice become method for Ansible

Super User Asked on January 5, 2022

I have to deal with a setup in "/etc/sudoers" that I can’t change because the servers in question are managed by a different team and they don’t want to change it.

I have root access only by sudoing to another account first. My account is only allowed to run the specific command "sudo su – admin" (no additional arguments can be appended). Then, as user "admin", I can run any root commands normally with sudo (e.g., "sudo vi /etc/shadow", etc.) or open a root shell with "sudo -s" or "sudo su -", etc.

I want to run Ansible ad-hoc commands and playbooks as root (e.g., "become: yes") on these servers from a different server that I control, but it would require that Ansible first run "sudo su – admin", then run the normal "sudo" command.

I know you can create custom become methods. This seems to me the way to solve this problem, but the specific solution is beyond me. Can anyone help with this?

BTW, if it helps, "NOPASSWD:" is set for both my account and "admin" in "/etc/sudoers".

One Answer

you can use --become --become-user admin on ansible adhoc or use yaml below on ansible playbook.

  - name: Run a command as nobody
    command: somecommand
    become: yes
    become_user: admin
    become_method: su

if you need spesific become method you can use --become-method su, the default --become-method is sudo.

Answered by nothinux on January 5, 2022

Add your own answers!

Related Questions

Freezes on HP Laptop, getting worse

2  Asked on November 20, 2021 by nbar


cant download a blob video

0  Asked on November 20, 2021 by helpme_pls


Excel 2016 New Window grayed out

1  Asked on November 18, 2021 by carl-roberts


Ask a Question

Get help from others!

© 2023 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP