You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, ansible currently has a problem with become_user functionality with rootsh shell. That's because of the following reason.
If we try to run commands using become_user: testuser using sudo method then ansible tries to run the following command:
sudo -u testuser /bin/sh -c "commands"
Now if we try to use rootsh using become_exe flags then it will try to run the following:
sudo rootsh -u testuser /bin/sh -c "commands"
which doesn't work as rootsh only supports -- to run remote commands not /bin/sh -c. for example: the following command will work for rootsh
sudo rootsh -u testuser -- "commands"
Now if ansible allows us to change that /bin/sh -c flag to -- then we can make it to use rootsh with ansible. So can you guys implement a new option to change the flags after -u testuser portion? Thanks.
Thanks.
Issue Type
Feature Idea
Component Name
become
become_user
become_flags
become_exe
Additional Information
I have tried using several solutions. Like from using the become_flags to use become_exe none works.
Also, I tried to change the executable shell to rootsh using
executable: /usr/bin/rootsh inside ansible config file. but it can't access rootsh without root access. So looks like the above is the only way.
Code of Conduct
I agree to follow the Ansible Code of Conduct
The text was updated successfully, but these errors were encountered:
Summary
Hi, ansible currently has a problem with become_user functionality with rootsh shell. That's because of the following reason.
If we try to run commands using become_user: testuser using sudo method then ansible tries to run the following command:
sudo -u testuser /bin/sh -c "commands"
Now if we try to use rootsh using become_exe flags then it will try to run the following:
sudo rootsh -u testuser /bin/sh -c "commands"
which doesn't work as rootsh only supports
--
to run remote commands not/bin/sh -c
. for example: the following command will work for rootshsudo rootsh -u testuser -- "commands"
Now if ansible allows us to change that
/bin/sh -c
flag to -- then we can make it to use rootsh with ansible. So can you guys implement a new option to change the flags after-u testuser
portion? Thanks.Thanks.
Issue Type
Feature Idea
Component Name
become
become_user
become_flags
become_exe
Additional Information
I have tried using several solutions. Like from using the become_flags to use become_exe none works.
Also, I tried to change the executable shell to rootsh using
executable: /usr/bin/rootsh inside ansible config file. but it can't access rootsh without root access. So looks like the above is the only way.
Code of Conduct
The text was updated successfully, but these errors were encountered: