New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ansilbe become user with rootsh support #83148
Comments
Files identified in the description: None If these files are incorrect, please update the |
Rather than adding a support for existing become plugins, this should be implemented as a new become plugin that can be included in a collection. If you have further questions please stop by IRC or the mailing list:
See this page for a complete and up to date list of communication channels and their purposes: |
Summary
Hi, ansible currently has a problem with become_user functionality with rootsh shell. That's because of the following reason.
If we try to run commands using become_user: testuser using sudo method then ansible tries to run the following command:
sudo -u testuser /bin/sh -c "commands"
Now if we try to use rootsh using become_exe flags then it will try to run the following:
sudo rootsh -u testuser /bin/sh -c "commands"
which doesn't work as rootsh only supports
--
to run remote commands not/bin/sh -c
. for example: the following command will work for rootshsudo rootsh -u testuser -- "commands"
Now if ansible allows us to change that
/bin/sh -c
flag to -- then we can make it to use rootsh with ansible. So can you guys implement a new option to change the flags after-u testuser
portion? Thanks.Thanks.
Issue Type
Feature Idea
Component Name
become
become_user
become_flags
become_exe
Additional Information
I have tried using several solutions. Like from using the become_flags to use become_exe none works.
Also, I tried to change the executable shell to rootsh using
executable: /usr/bin/rootsh inside ansible config file. but it can't access rootsh without root access. So looks like the above is the only way.
Code of Conduct
The text was updated successfully, but these errors were encountered: