sudo twice become method for Ansible

Unix & Linux Asked on January 5, 2022

I have to deal with a setup in "/etc/sudoers" that I can’t change because the servers in question are managed by a different team and they don’t want to change it.

I have root access only by sudoing to another account first. My account is only allowed to run the specific command "sudo su – admin" (no additional arguments can be appended). Then, as user "admin", I can run any root commands normally with sudo (e.g., "sudo vi /etc/shadow", etc.) or open a root shell with "sudo -s" or "sudo su -", etc.

I want to run Ansible ad-hoc commands and playbooks as root (e.g., "become: yes") on these servers from a different server that I control, but it would require that Ansible first run "sudo su – admin", then run the normal "sudo" command.

I know you can create custom become methods. This seems to me the way to solve this problem, but the specific solution is beyond me. Can anyone help with this?

BTW, if it helps, "NOPASSWD:" is set for both my account and "admin" in "/etc/sudoers".

Add your own answers!

Related Questions

Why I cannot see filesystem in result of df -h?

0  Asked on October 31, 2021 by qmski


Postfix cannot start but dovecot is ok

1  Asked on October 31, 2021 by phan


Logging in with ‘su’ without entering a password

2  Asked on October 31, 2021 by user3561602


Ranger – open_with without suspending

3  Asked on October 31, 2021 by tigerjack


CentOS 8: Modular dependency problems

3  Asked on October 30, 2021 by aditya-k


Ask a Question

Get help from others!

© 2023 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP