在远程服务器中,普通用户具有 sudo 访问权限,但未激活 NOPASSWD。sudo su - 命令要求输入用户密码。我尝试使用 Ansible 运行命令并提供 sudo 密码,但它不起作用,并出现“MODULE FAILURE\nSee stdout/stderr for the exact error”错误。请检查以下日志。
库存文件
[root@**-*****2 ~]# cat inventory
[prod]
10.***.***.250 ansible_user=m**** ansible_password=*******
它与普通用户一起工作
[root@****** ~]# ansible prod -m ping
10.***.***.250 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
但当我切换到成为
[root@****** ~]# ansible prod -m ping --become
10.***.***.250 | FAILED! => {
"msg": "Missing sudo password"
}
当我提供 Sudo 密码时。
[root@****** ~]# ansible prod -m ping --become -K
BECOME password:
10.***.***.250 | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"module_stderr": "Shared connection to 10.***.***.250 closed.\r\n",
"module_stdout": "\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
上述错误的详细输出是
10.***.***.250 | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"module_stderr": "OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 21356\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 1\r\nShared connection to 10.***.***.250 closed.\r\n",
"module_stdout": "\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
在激活了 NOPASSWD 的 sudo 下,它可以正常工作。请提出建议。
答案1
这个问题已经回答了https://stackoverflow.com/questions/21870083/specify-sudo-password-for-ansible
主要寻找他们讨论的部分--ask-sudo-pass