使用'sudo bash'来提高ansible的用户权限 [英] using 'sudo bash' to elevate user permission with ansible

问题描述

我目前正在一个系统上，成为root的唯一方法是通过命令"sudo bash".我的意图是使用Ansible安装依赖项并配置文件，并且当前记录的特权升级方法不适用于当前的系统设置.

I am currently working on a system that the only way to become root is via the command "sudo bash". My intentions are to use Ansible to install dependencies and configure files, and the currently documented methods of privilege escalation do not work with my current system setup.

推荐答案

如果仅提供 sudo bash ，那么与控制端之间的<->远程主机连接就不是很好的选择因为这是权限提升功能的已知限制.

If only sudo bash is available for you, then ansible with a controler <-> remote host connection is not a good candidate as this is a known limitation of the privilege escalation feature.

为进一步说明，使用当前 remote_user 作为临时python序列化文件，将Ansible模块命令发送到远程主机.对于特权升级，这些文件使用 sudo 运行.在此处此处查看详细说明..

To explain a bit further, Ansible module commands are sent to the remote host using the current remote_user as temporary python serialized files. For privilege escalation, those files are run with sudo. See a more detailed description of how this works here.

直接在主机上成为root(在您的剧本中定位localhost)之后，您仍然可以运行ansible.您可能需要看看 ansible拉动让您可以从git之类的VCS中获取并运行剧本.

You can still run ansible after becoming root directly on the host (targeting localhost in you playbook). You may want to have a look at ansible pull which will let you fetch and run a playbook out of a VCS like git.

这篇关于使用'sudo bash'来提高ansible的用户权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！