Project

General

Profile

Bug #30899

Le playbook d'installation échoue si lancée par un sudoers NOPASSWD

Added by Paul Marillonnet 5 months ago. Updated 5 months ago.

Status:
Nouveau
Priority:
Normal
Assignee:
-
Target version:
-
Start date:
26 Feb 2019
Due date:
% Done:

0%

Patch proposed:
No
Planning:
No

Description

Avec le paquet debian ansible 2.7.7+dfsg-1 :

$ ansible-playbook -i tenants-inventory.yml install.yml

PLAY [publik multitenants installation] *******************************************************

TASK [Gathering Facts] ************************************************************************
ok: [localhost]

TASK [facts : guess username (can be overidden in options/inventory)] *************************
changed: [localhost -> localhost]

TASK [facts : set user variable] **************************************************************
ok: [localhost]

TASK [base : Install system packages dependencies] ********************************************
ok: [localhost]

TASK [base : create the postgresql user named paul] *******************************************
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "sudo: il est nécessaire de saisir un mot de passe\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
    to retry, use: --limit @/home/paul/publik-devinst/install.retry

PLAY RECAP ************************************************************************************
localhost                  : ok=4    changed=1    unreachable=0    failed=1   

History

#1 Updated by Emmanuel Cazenave 5 months ago

  • Status changed from Nouveau to Rejeté

RTFM :) : https://doc-publik.entrouvert.com/dev/installation-developpeur/

$ ansible-playbook -i tenants-inventory.yml -K install.yml

#2 Updated by Paul Marillonnet 5 months ago

Merci...

#3 Updated by Emmanuel Cazenave 5 months ago

  • Status changed from Rejeté to Nouveau
  • Subject changed from Le playbook d'installation ne demande pas le mot de passe sudo to Le playbook d'installation échoue si lancée par un sudoers NOPASSWD

Et donc en fait puisque ton utilisateur est un 'sudoers NOPASSWD', la commande devrait passer tel quelle je pense, sans le -K qui n'a aucun sens dans cette situation.

Et là tu tombes peut-être là dedans, à creuser : https://github.com/ansible/ansible/issues/14022.

#4 Updated by Paul Marillonnet 5 months ago

Bizarre bizarre, je ne comprends plus.

paul@amok:~/publik-devinst$ su
Mot de passe : 
root@amok:/home/paul/publik-devinst# exit
paul@amok:~/publik-devinst$ ansible-playbook -K -i tenants-inventory.yml --become-method=su install.yml
SU password: 

PLAY [publik multitenants installation] *******************************************************************************************************************************************************

TASK [Gathering Facts] ************************************************************************************************************************************************************************
ok: [localhost]

TASK [facts : guess username (can be overidden in options/inventory)] *************************************************************************************************************************
changed: [localhost -> localhost]

TASK [facts : set user variable] **************************************************************************************************************************************************************
ok: [localhost]

TASK [base : Install system packages dependencies] ********************************************************************************************************************************************
ok: [localhost]

TASK [base : create the postgresql user named paul] *******************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "su: Échec d'authentification\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
    to retry, use: --limit @/home/paul/publik-devinst/install.retry

PLAY RECAP ************************************************************************************************************************************************************************************
localhost                  : ok=4    changed=1    unreachable=0    failed=1 

Also available in: Atom PDF