module - 运行时出错 become=yes 尝试获取 sudo 访问权限
问题描述
因此,我尝试使用 become=yes 运行 ansible 剧本,因为当我以普通用户身份运行它时,他没有权限并且剧本失败。但是如果我手动运行命令,他在服务器上具有 sudo 访问权限。当我在从属服务器上自己的主目录中执行操作时,我可以到达另一台服务器,并且 playbook 无需成为=yes 即可运行。但就是这样。当我使用 become=yes 时,我得到了这个错误,我不知道如何修复它。有人可以帮帮我吗。这是下面的错误
PLAY [install ansible] ************************************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************************
fatal: [h0011146.associatesys.local]: FAILED! => {"ansible_facts": {}, "changed": false, "failed_modules": {"setup": {"failed": true, "module_stderr": "Shared connection to h0011146.associatesys.local closed.\r\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}}, "msg": "The following modules failed to execute: setup\n"}
PLAY RECAP ************************************************************************************************************************************************************************************************
h0011146.associatesys.local : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
koebra@h0011145: /etc/ansible/roles>
这是我的主机文件
#
# It should live in /etc/ansible/hosts
#
# - Comments begin with the '#' character
# - Blank lines are ignored
# - Groups of hosts are delimited by [header] elements
# - You can enter hostnames or ip addresses
# - A hostname/ip can be a member of multiple groups
[slave]
h0011146.associatesys.local ansible_connection=ssh ansible_python_interpreter=/usr/bin/python # ansible_user=root
这是失败的剧本
---
- name: install ansible
hosts: slave
become: yes
tasks:
- name: install
yum:
name: ansible
state: latest
这是 -VVV 的全部输出
koebra@h0011145: /etc/ansible/roles> ansible-playbook ansible.yml
PLAY [install ansible] ************************************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************************
^C [ERROR]: User interrupted execution
koebra@h0011145: /etc/ansible/roles> ansible-playbook ansible.yml -vvv
ansible-playbook 2.9.10
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/koebra/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.5 (default, Jun 11 2019, 14:33:56) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
script declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
auto declined parsing /etc/ansible/hosts as it did not pass its verify_file() method
Parsed /etc/ansible/hosts inventory source with ini plugin
PLAYBOOK: ansible.yml *************************************************************************************************************************************************************************************
1 plays in ansible.yml
PLAY [install ansible] ************************************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************************
task path: /etc/ansible/roles/ansible.yml:3
<h0011146.associatesys.local> ESTABLISH SSH CONNECTION FOR USER: None
<h0011146.associatesys.local> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/koebra/.ansible/cp/8a6e5420a0 h0011146.associatesys.local '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<h0011146.associatesys.local> (0, '/home/koebra\n', '')
<h0011146.associatesys.local> ESTABLISH SSH CONNECTION FOR USER: None
<h0011146.associatesys.local> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/koebra/.ansible/cp/8a6e5420a0 h0011146.associatesys.local '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /home/koebra/.ansible/tmp `"&& mkdir /home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287 && echo ansible-tmp-1606933213.23-55559-199169178631287="` echo /home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287 `" ) && sleep 0'"'"''
<h0011146.associatesys.local> (0, 'ansible-tmp-1606933213.23-55559-199169178631287=/home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287\n', '')
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
<h0011146.associatesys.local> PUT /home/koebra/.ansible/tmp/ansible-local-55549z92f94/tmpO76wSg TO /home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287/AnsiballZ_setup.py
<h0011146.associatesys.local> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/koebra/.ansible/cp/8a6e5420a0 '[h0011146.associatesys.local]'
<h0011146.associatesys.local> (0, 'sftp> put /home/koebra/.ansible/tmp/ansible-local-55549z92f94/tmpO76wSg /home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287/AnsiballZ_setup.py\n', '')
<h0011146.associatesys.local> ESTABLISH SSH CONNECTION FOR USER: None
<h0011146.associatesys.local> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/koebra/.ansible/cp/8a6e5420a0 h0011146.associatesys.local '/bin/sh -c '"'"'chmod u+x /home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287/ /home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287/AnsiballZ_setup.py && sleep 0'"'"''
<h0011146.associatesys.local> (0, '', '')
<h0011146.associatesys.local> ESTABLISH SSH CONNECTION FOR USER: None
<h0011146.associatesys.local> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/koebra/.ansible/cp/8a6e5420a0 -tt h0011146.associatesys.local '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-xlbmctdergsnsmfzmvctpkiayaendarz ; /usr/bin/python /home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287/AnsiballZ_setup.py'"'"'"'"'"'"'"'"' && sleep 0'"'"''
Escalation succeeded
<h0011146.associatesys.local> (1, '', 'Shared connection to h0011146.associatesys.local closed.\r\n')
<h0011146.associatesys.local> Failed to connect to the host via ssh: Shared connection to h0011146.associatesys.local closed.
<h0011146.associatesys.local> ESTABLISH SSH CONNECTION FOR USER: None
<h0011146.associatesys.local> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/home/koebra/.ansible/cp/8a6e5420a0 h0011146.associatesys.local '/bin/sh -c '"'"'rm -f -r /home/koebra/.ansible/tmp/ansible-tmp-1606933213.23-55559-199169178631287/ > /dev/null 2>&1 && sleep 0'"'"''
<h0011146.associatesys.local> (0, '', '')
fatal: [h0011146.associatesys.local]: FAILED! => {
"ansible_facts": {},
"changed": false,
"failed_modules": {
"setup": {
"failed": true,
"module_stderr": "Shared connection to h0011146.associatesys.local closed.\r\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
},
"msg": "The following modules failed to execute: setup\n"
}
PLAY RECAP ************************************************************************************************************************************************************************************************
h0011146.associatesys.local : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
这是主服务器的 /VAR/LOG/MESSAGES 中的输出
Dec 2 12:33:40 h0011145 dzdo[56701]: WARN dz.common Username not found for given run as user cas. Error: No such file or directory
Dec 2 12:33:40 h0011145 adclient[2410]: INFO AUDIT_TRAIL|Centrify Suite|dzdo|1.0|4|dzdo granted|5|user=koebra(type:ad,koebra@PROD-AM.AMERITRADE.COM) pid=56701 utc=1606934020062 centrifyEventID=30004 DASessID=df052d84-b898-d44b-81ff-6eeced715fc4 DAInst=N/A status=GRANTED service=dzdo command=/usr/bin/tail runas=root role=ad.role.unix.admin/Unix env=(none) MfaRequired=false EntityName=prod-am.ameritrade.com\\h0011145
koebra@h0011145: /etc/ansible/roles>
解决方案
推荐阅读
- python - OpenCV2 错误:(-215:断言失败)'cv::resize',同时训练模型
- asp.net-core - ASP.NET 核心从 applicationsettings.json 读取数组
- excel - 日期不会出现在列表框的文本框中
- c++ - 为什么我们不更新路径压缩后不相交集的排名?
- google-play-console - 如何处理违反 Google Play 重复内容政策的行为?
- java - Spring Boot 2 - 在@Configuration 之前加载@Component
- swift - SwiftUI 在双栏导航中禁用滑出式抽屉
- laravel - 使用 Vue axios 将表单数据和参数传递给 Laravel 控制器
- c++ - 无法使用 cmake + vcpkg 在 VS Code 中包含 C++ 项目的库
- python - Plotly:如何从 x_axis 中删除未使用的值