Reputation: 1965
Ansible privilege escalation --become
Once upon a time (I think before version 1.9) we could use -s for sudo on command line. Now it does not work. I am using version 2.85 on Ubuntu 18.04.
$ ansible all -m apt -a “name=httpd state=latest” - this should give error lack of privilege, but instead ERROR! Extraneous options or arguments
$ ansible -s all -m apt -a “name=httpd state=latest” - this used to work once upon a time. Also instead of -s tried -b and --become - all give- ERROR! Extraneous options or arguments
Also tried --become-user=root - same error
Is this command line syntax wrong- has all this changed over time?
How do we solve this - just use playbooks?
Update 1
The quote issue copy paste out of ms word - in word somehow it converts " to “ - that is how that transformation happened. So just use notepad.
Now replaced “ ” with " " and -b option.
Tried this it went further
ansible -b all -m apt -a "name=httpd state=latest"
But it fails: [WARNING]: Could not find aptitude. Using apt-get instead
x.x.x.x | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"cache_update_time": 1570925983,
"cache_updated": false,
"changed": false,
"msg": "'/usr/bin/apt-get -y -o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\" install 'httpd'' failed: E: Package 'httpd' has no installation candidate\n",
"rc": 100, ...
Not sure what this error means means - "install 'httpd'' failed: E: Package 'httpd' has no installation candidate". The target machine is ubuntu 18.04
This command works
apache2 (for debian) with -b (for sudo):
ansible -b all -m apt -a "name=apache2 state=latest"
Upvotes: 1
Views: 1314
Answers (3)
Reputation: 2568
As mentioned above, httpd is called as apache2 in Ubuntu, so you can use the below command.
ansible all -m apt -a "name=apache2 state=latest"
Upvotes: 1
Reputation: 927
The issue is that Ubuntu doesn't have a package named httpd which is explained in the error message here: failed: E: Package 'httpd' has no installation candidate
The Red Hat family of distros (RHEL, CentOS, and Fedora) calls it httpd because that's technically what the upstream project name is, where as the Debian family of distros (which Ubuntu belongs to as a descendent of Debian) calls it apache2 because in the heyday of the LAMP stack the httpd service was commonly known as simply "Apache" and we're currently on major revision 2.
Upvotes: 4
Reputation: 2095
I think you just need to replace your quotes with simple double or single quote marks:
ansible all -m apt -a "name=httpd state=latest"
or
ansible all -m apt -a 'name=httpd state=latest'
Your shell probably isn't recognising the open/close quote marks you're using so ansible is getting “name=httpd as the argument to the -a option and doesn't know what to do with state=latest”.
Upvotes: 1
Related Questions
- Ansible sudo su - user privilege escalation issue
- Ansible non-root sudo user and "become" privilege escalation
- Ansible privilege escalation with limited sudo
- Ansible privilege escalation become with sudo -i
- Operation requires privilege escalation
- Elevate to Privilege Level
- Ansible privilege escalation prompt problem
- Understanding privilege escalation in ansible
- Ansible - correct way for privilege elevation
- ansible roles as command line arg