Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Global sudo setting from the ansible.cfg is not read #3447

Closed
tonk opened this issue Jul 5, 2013 · 5 comments
Closed

Global sudo setting from the ansible.cfg is not read #3447

tonk opened this issue Jul 5, 2013 · 5 comments

Comments

@tonk
Copy link
Contributor

tonk commented Jul 5, 2013

When I try to run a playbook with

ansible-playbook test.yml

and with sudo_user in ansible.cfg, the sudo is not honored.

When supplying the --sudo commandline option things work as expected.

This in version 1.3
@mpdehaan
Copy link
Contributor

mpdehaan commented Jul 5, 2013

Thanks.

Just to confirm?

Are you setting sudo=True in the config file in addition to also setting sudo_user?

@tonk
Copy link
Contributor Author

tonk commented Jul 5, 2013

That is what I tried, but that's not working. I also set it in the playbook that includes all the others, but that doesn't work either.

At this moment, the only one working is --sudo on the command line.

@tonk
Copy link
Contributor Author

tonk commented Jul 5, 2013 

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=
Config file: q.cfg
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=
[defaults]
hostfile = /etc/ansible/hosts
library = /usr/share/ansible
module_name = command
remote_tmp = $HOME/.ansible/tmp
pattern = *
forks = 25
timeout = 10
poll_interval = 15
sudo = True
sudo_user = root
log_path = /var/log/ansible.log
transport = smart
remote_port = 22
remote_user = ansible
private_key_file = /etc/ansible/.ssh/id_rsa
ansible_managed = %Y-%m-%d %H:%M
[paramiko_connection]
[ssh_connection]
ssh_args=-o PasswordAuthentication=no -o ControlMaster=auto -o ControlPersist=60s -o ControlPath=/tmp/ansible-ssh-%h-%p-%r
scp_if_ssh=True
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=
Ansible command: ANSIBLE_SSH_ARGS='' ANSIBLE_KEEP_REMOTE_FILES=1 ANSIBLE_NOCOWS=1 ANSIBLE_CONFIG=/etc/ansible/q.cfg ansible-playbook  -vvv --forks=1   testplay/main.yml
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=


PLAY [master] *****************************************************************

GATHERING FACTS ***************************************************************
<master> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO master
<master> EXEC /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-1373040371.28-126918517754906 && chmod a+rx $HOME/.ansible/tmp/ansible-1373040371.28-126918517754906 && echo $HOME/.ansible/tmp/ansible-1373040371.28-126918517754906'
<master> REMOTE_MODULE setup
<master> PUT /tmp/tmpTpTcm8 TO /etc/ansible/.ansible/tmp/ansible-1373040371.28-126918517754906/setup
<master> EXEC /bin/sh -c '/usr/bin/python /etc/ansible/.ansible/tmp/ansible-1373040371.28-126918517754906/setup'
ok: [master]

TASK: [Test a playbook for sudo] **********************************************
<master> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO master
<master> EXEC /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-1373040371.69-144388088999172 && chmod a+rx $HOME/.ansible/tmp/ansible-1373040371.69-144388088999172 && echo $HOME/.ansible/tmp/ansible-1373040371.69-144388088999172'
<master> EXEC /bin/sh -c 'rc=0; [ -r "/etc/sysconfig/network.tst" ] || rc=2; [ -f "/etc/sysconfig/network.tst" ] || rc=1; [ -d "/etc/sysconfig/network.tst" ] && rc=3; (/usr/bin/md5sum /etc/sysconfig/network.tst 2>/dev/null) || (/sbin/md5sum -q /etc/sysconfig/network.tst 2>/dev/null) || (/usr/bin/digest -a md5 /etc/sysconfig/network.tst 2>/dev/null) || (/sbin/md5 -q /etc/sysconfig/network.tst 2>/dev/null) || (/usr/bin/md5 -n /etc/sysconfig/network.tst 2>/dev/null) || (/bin/md5 -q /etc/sysconfig/network.tst 2>/dev/null) || (echo "${rc}  /etc/sysconfig/network.tst")'
<master> PUT /tmp/tmpA7n51N TO /etc/ansible/.ansible/tmp/ansible-1373040371.69-144388088999172/source
<master> PUT /tmp/tmp1NWRsW TO /etc/ansible/.ansible/tmp/ansible-1373040371.69-144388088999172/copy
<master> EXEC /bin/sh -c '/usr/bin/python /etc/ansible/.ansible/tmp/ansible-1373040371.69-144388088999172/copy'
failed: [master] => {"failed": true}
msg: Destination /etc/sysconfig not writable

FATAL: all hosts have already failed -- aborting

PLAY RECAP ********************************************************************
           to retry, use: --limit @/var/tmp/ansible/main.retry

master                     : ok=1    changed=0    unreachable=0    failed=1

@tonk
Copy link
Contributor Author

tonk commented Jul 5, 2013

Removing -o ControlPersist=60s from the SSH configs doesn't help either (I do run this on CentOS 6 where OpenSSH doesn't support ControlPersist)/

Placing sudo: True in the playbook works, but only for that single playbook.

But looking further into this, sudo is not a defined option for the ansible.cfg, right?

So, when I do specify sudo_user then one can be sure that sudo is needed, so if sudo_user is defined
in the config file, sudo should become True

@tonk
Copy link
Contributor Author

tonk commented Jul 5, 2013

Added a pull request to repair this

mpdehaan pushed a commit that referenced this issue Jul 5, 2013
@tonk
Repair issue #3447
37ee361
mpdehaan added a commit that referenced this issue Jul 5, 2013
@mpdehaan
Merge pull request #3450 from tonk/sudo
14818af 
Repair issue #3447
@tonk tonk closed this as completed Jul 6, 2013
@ansible ansible locked and limited conversation to collaborators Apr 24, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mpdehaan @tonk