How Do You Run Ansible Playbooks on Managed Nodes That Run Shell Scripts That Require sudo?

Problem scenario
You run an Ansible playbook on a server as a remote user that is a sudoer on that same server.  But you get this error when you run the playbook: "sudo: a password is required\r\n", "msg": "MODULE FAILURE", "rc": 1}"   How do you troubleshoot this error?

You want to run Bash scripts via Ansible playbooks.  But these scripts will install packages and modify sensitive files.  These scripts need to be run as a sudoer.  How do you run Ansible playbooks on managed nodes that run shell scripts that require sudo?

Solution

Root cause
The root cause is not Ansible itself but the sudo configuration on the managed nodes.  Each managed node must allow the remote user to assume sudoer privileges without being prompted for a password.

Procedures
You will need a user that is a sudoer and that does not get prompted for a password when running commands with sudo.  Create this user.  For this example we will call it "cooluser".  You may substitute "cooluser" with "jdoe" or whichever user will be the one configured to run the Ansible playbooks.

1.  Run this command: sudo visudo

2.  Inside this file that you will be able to modify, find these two lines:

## Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

3.  Enter this stanza (but replace "cooluser" with the username that will run the shell scripts) underneath the above lines:
cooluser ALL=(ALL)      NOPASSWD:ALL

4.  Save the changes.  If visudo opened the file in vi, press shift-z, shift-z (i.e., "ZZ" with no quotes) to save the changes and exit.
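
A narrower alternative to the NOPASSWD:ALL stanza in step 3, added here as an example and not taken from the original article: a sudoers drop-in that lets "cooluser" run only named scripts as root without a password, syntax-checked with "visudo -c -f" before it is installed. The script paths and the drop-in file name are hypothetical, the scripts are assumed to be root-owned and not writable by "cooluser", and the rule is assumed to be used by a playbook task that calls "sudo -n" on the script directly, because Ansible's "become" needs unrestricted sudo.

```sh
#!/bin/sh
# Added example: a sudoers drop-in limited to named scripts, not NOPASSWD:ALL.
# The script paths and drop-in name are hypothetical.

# make_rule USER SCRIPT... : print one sudoers line, or fail on unsafe input.
make_rule() {
    user=$1; shift
    case $user in
        ''|*[!a-z0-9_-]*|[!a-z_]*) echo "bad user: $user" >&2; return 1 ;;
    esac
    [ "$#" -gt 0 ] || { echo "no scripts given" >&2; return 1; }
    cmds=""
    for path in "$@"; do
        case $path in
            /*) ;;   # absolute paths only
            *) echo "not absolute: $path" >&2; return 1 ;;
        esac
        # Reject characters sudoers treats specially (comma, space, *, =, :).
        case $path in
            *[!A-Za-z0-9_./-]*) echo "bad path: $path" >&2; return 1 ;;
        esac
        cmds="${cmds:+$cmds, }$path"
    done
    printf '%s ALL=(root) NOPASSWD: %s\n' "$user" "$cmds"
}

# write_dropin FILE USER SCRIPT... : write the rule, then syntax-check it.
write_dropin() {
    file=$1; shift
    rule=$(make_rule "$@") || return 1
    printf '%s\n' "$rule" > "$file" || return 1
    chmod 0440 "$file"
    # visudo -c -f checks this file only; the live policy is not touched.
    if command -v visudo >/dev/null 2>&1; then
        visudo -c -f "$file" >/dev/null || { rm -f "$file"; return 1; }
    fi
}

# Demo on a temp file. As root, the checked file would be installed under
# /etc/sudoers.d/ (for example as cooluser-scripts, owner root, mode 0440).
tmp=$(mktemp)
if write_dropin "$tmp" cooluser /opt/scripts/install_packages.sh \
        /opt/scripts/edit_configs.sh; then
    cat "$tmp"
fi
rm -f "$tmp"
```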

If you want to see how to write a sample playbook, see the article "How Do You Run an Ansible Playbook to Configure 2 GB of Swap Space on Every Linux Server?"
