-
Notifications
You must be signed in to change notification settings - Fork 23.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding User to a Group not reflecting in subsequent tasks #66928
Comments
Files identified in the description: If these files are inaccurate, please update the |
Generally speaking, this is expected. Ansible uses ssh ControlPath for performance, which does not log into the target host between every task. As such, changes to that user like group modifications will not take immediate effect. You may need to use If you have further questions please stop by IRC or the mailing list:
|
So i tried with the suggested PLAY [Issue with Ansible Provisioning] *****************************************
TASK [Gathering Facts] *********************************************************
[DEPRECATION WARNING]: Distribution Ubuntu 18.04 on host default should use
/usr/bin/python3, but is using /usr/bin/python for backward compatibility with
prior Ansible releases. A future Ansible release will default to using the
discovered platform python for this host. See https://docs.ansible.com/ansible/
2.9/reference_appendices/interpreter_discovery.html for more information. This
feature will be removed in version 2.12. Deprecation warnings can be disabled
by setting deprecation_warnings=False in ansible.cfg.
ok: [default]
TASK [Create a group called test] **********************************************
changed: [default] => {"changed": true, "gid": 1002, "name": "test", "state": "present", "system": false}
TASK [Print out Command output for groups] *************************************
changed: [default] => {"changed": true, "cmd": ["groups"], "delta": "0:00:00.003497", "end": "2020-02-03 06:52:49.968317", "rc": 0, "start": "2020-02-03 06:52:49.964820", "stderr": "", "stderr_lines": [], "stdout": "vagrant", "stdout_lines": ["vagrant"]}
TASK [Add the user 'vagrant' to group test] ************************************
changed: [default] => {"append": true, "changed": true, "comment": ",,,", "group": 1000, "groups": "test", "home": "/home/vagrant", "move_home": false, "name": "vagrant", "shell": "/bin/bash", "state": "present", "uid": 1000}
[WARNING]: Reset is not implemented for this connection
TASK [Print out Command output for groups] *************************************
changed: [default] => {"changed": true, "cmd": ["groups"], "delta": "0:00:00.002220", "end": "2020-02-03 06:52:50.450301", "rc": 0, "start": "2020-02-03 06:52:50.448081", "stderr": "", "stderr_lines": [], "stdout": "vagrant", "stdout_lines": ["vagrant"]}
PLAY RECAP *********************************************************************
default : ok=5 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
updated playbook- name: Issue with Ansible Provisioning
hosts: all
tasks:
- name: Create a group called test
group:
name: test
state: present
become: yes
- name: Print out Command output for groups
command: groups
- name: Add the user 'vagrant' to group test
user:
name: vagrant
append: true
groups: test
become: yes
- meta: reset_connection
- name: Print out Command output for groups
command: groups |
SUMMARY
Privileges of the user donot take effect after adding users to a group.
ISSUE TYPE
COMPONENT NAME
user
ANSIBLE VERSION
CONFIGURATION
OS / ENVIRONMENT
Vagrant Version: 2.2.6
vagrant plugin used : vagrant-vbguest (0.22.1, global)
Windows 10
Vagrantfile:
STEPS TO REPRODUCE
Use the above Vagrant file and the playbook below and then vagrant up
EXPECTED RESULTS
This creates plenty of issues as we add vagrant user to a particular group so that we can run the subsequent tasks using the privileges of that group. Without any choice we then have to run the subsequent tasks as root user which creates security issues.
However after the provisioning is complete and i login using 'vagrant ssh' then the groups command very well shows the output as
So there is some issue with Ansible not being able to refresh the new groups to which the user has been added.
ACTUAL RESULTS
The text was updated successfully, but these errors were encountered: