Super User Asked on January 5, 2022
I have to deal with a setup in "/etc/sudoers" that I can’t change because the servers in question are managed by a different team and they don’t want to change it.
I have root access only by sudoing to another account first. My account is only allowed to run the specific command "sudo su – admin" (no additional arguments can be appended). Then, as user "admin", I can run any root commands normally with sudo (e.g., "sudo vi /etc/shadow", etc.) or open a root shell with "sudo -s" or "sudo su -", etc.
I want to run Ansible ad-hoc commands and playbooks as root (e.g., "become: yes") on these servers from a different server that I control, but it would require that Ansible first run "sudo su – admin", then run the normal "sudo" command.
I know you can create custom become methods. This seems to me the way to solve this problem, but the specific solution is beyond me. Can anyone help with this?
BTW, if it helps, "NOPASSWD:" is set for both my account and "admin" in "/etc/sudoers".
you can use --become --become-user admin
on ansible adhoc or use yaml below on ansible playbook.
- name: Run a command as nobody
command: somecommand
become: yes
become_user: admin
become_method: su
if you need spesific become method you can use --become-method su
, the default --become-method
is sudo
.
Answered by nothinux on January 5, 2022
4 Asked on November 20, 2021 by user570593
1 Asked on November 20, 2021 by 3limin4t0r
1 Asked on November 20, 2021 by jagdish-jogal
2 Asked on November 20, 2021 by bharathyes
5 Asked on November 20, 2021 by pjs
1 Asked on November 20, 2021
1 Asked on November 20, 2021
2 Asked on November 20, 2021
0 Asked on November 20, 2021 by helpme_pls
1 Asked on November 20, 2021 by houss_gc
1 Asked on November 18, 2021
7 Asked on November 18, 2021 by falsky
1 Asked on November 18, 2021 by carl-roberts
Get help from others!
Recent Questions
Recent Answers
© 2023 AnswerBun.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP