I just don't know what else to try. I've beat my head on this for 3 days
now and it's becoming obvious that either Ansible 2.3 is a complete
disaster, or the CentOS 7 package is a complete cluster. Here's my
problem. I am working on getting an ansible server to manage about 100
or so CentOS 6 servers. All have an unprivileged user account setup (up
to 3 years before I got here in April) but that user account isn't setup
with sudo access. The way to get to root is 'su'.
I'm not a newbie with Ansible as I used it extensively in my previous
position to manage ~70 or so Ubuntu servers. The Ansible is CentOS 7.
I'm working on getting Ansible to play nice with privilege escalation
using SU and NAFT has worked. Here's an example (very simple) playbook:
Because I'm having to use 'su' I have to either add the user password to
the inventory file or use the --ask-become-pass parameter to the command
line. Every time I do, I get this:
[root@ansible ~]# ansible-playbook playbooks/radtest.yml --ask-become-pass
SUDO password:
It bombs timing out on privilege escalation. Every single time. I'm
absolutely frustrated and am almost ready to throw ansible to the curb
for something that doesn't suck so bad. But before I do, I'm asking the
list, anyone seen anything like this before? I could post to the
ansible list, but it's a google group and God knows when I might get a
reply.
BTW, setting up root with key-only auth is an option, but would be a
real PITA to configure 100+ external servers by hand with the keys and
reconfig sshd for it.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos