A_R

Reputation: 29

Ansible sudo su - user privilege escalation issue

My environment works with Linux environments.

My login process is:

1. Log in to the Linux box using my personal ID.
2. Then switch to the application ID ==> sudo su - applicationID [this switch does not ask for a password and takes me to the home domain_path for applicationID].
3. All tasks are performed here.

Can I implement the same switch through Ansible? I tried become, become_user and also remote_user; nothing works. I am getting multiple errors and am not sure how to get through. It also asks me for a password, which I do not have. I saw multiple posts but can't understand the combination of sudo su - userID.

Upvotes: 1

Views: 532

Answers (2)

Nirzak

Reputation: 173

If it's still giving you the "Timeout (12s) waiting for privilege escalation prompt" error, then it's missing the password prompt. So try giving the password prompt explicitly in become_exe, as follows.

- hosts: application
  become: true
  become_method: su
  become_user: applicationID
  become_exe: 'sudo -p "Password: " su -'

The above playbook will run the following command: sudo -p "Password: " su - applicationID -c "further commands mentioned on the tasks"

So your administrator must allow you to run su - applicationID -c * commands to make this technique work. And remember that you must provide the --ask-become-pass or -K option when running the playbook. Good luck.

Upvotes: 0

Wernfried Domscheit

Reputation: 59557

Try this one:

- hosts: application
  become: yes
  become_exe: "sudo su - applicationID"
  become_method: su
  tasks:

Upvotes: 1
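
A complete play that checks whether the switch actually landed on the application account, added here as an example and not taken from either answer. It assumes the `application` host group and `applicationID` account named in the thread, and that the sudo policy on the target permits the `su - applicationID -c ...` form that the first answer says Ansible runs.

```yaml
# Added example, not code from the thread. "application" and "applicationID"
# are the placeholder names used in the question and answers.
- hosts: application
  gather_facts: false
  become: true
  become_method: su          # the become user and -c '<command>' are appended to become_exe
  become_exe: "sudo su -"    # resulting command: sudo su - applicationID -c '<command>'
  become_user: applicationID
  tasks:
    - name: Report the effective user after escalation
      ansible.builtin.command: id -un
      register: effective_user
      changed_when: false

    - name: Fail early if the task is not running as the application account
      ansible.builtin.assert:
        that:
          - effective_user.stdout == "applicationID"
        fail_msg: "Running as {{ effective_user.stdout }}, expected applicationID"

    - name: Read the home directory set up by the login shell (su -)
      ansible.builtin.command: printenv HOME
      register: app_home
      changed_when: false

    - name: Show the home directory of the escalated session
      ansible.builtin.debug:
        var: app_home.stdout
```

If the first task times out or is denied, compare the output of `sudo -l` for the login account with the composed command: a sudo rule that only lists `su - applicationID` with no further arguments does not cover the same command with `-c` appended.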
