reset of sudo users password in remote servers and fetch the hostname using anisble
by pantdk from LinuxQuestions.org on (#5J1QH)
Hi All,
Hope all are well. I am trying to reset the password of all remote server user. I have a user "ax_vaptlin" which is created in all the server. Now I am trying to reset the password on all the server. Therefore, I have created on Ansible server which can connect with all the server. But my commands are not working. Hence, need your input for fixing the issue.
Quote:
Quote:
Quote:
Hope all are well. I am trying to reset the password of all remote server user. I have a user "ax_vaptlin" which is created in all the server. Now I am trying to reset the password on all the server. Therefore, I have created on Ansible server which can connect with all the server. But my commands are not working. Hence, need your input for fixing the issue.
Quote:
| OS = RHEL7 [ax_vaptlin@ip-172-31-44-212 ~]$ ls -lart .ansible total 0 drwx------ 4 ax_vaptlin ax_vaptlin 27 May 7 12:41 . drwx------ 5 ax_vaptlin ax_vaptlin 287 May 19 09:55 .. drwx------ 2 ax_vaptlin ax_vaptlin 6 May 20 05:12 tmp drwx------ 2 ax_vaptlin ax_vaptlin 6 May 20 05:13 cp [ax_vaptlin@ip-172-31-44-212 ~]$ pwd /home/ax_vaptlin [ax_vaptlin@ip-172-31-44-212 ~]$ [ax_vaptlin@ip-172-31-44-212 ~]$ egrep -v "^#|^$" .ansible.cfg [defaults] host_key_checking = false sudo_user = [ax_vaptlin] ask_sudo_pass = False ask_pass = False inventory = /home/ax_vaptlin/server [inventory] [privilege_escalation] become=True become_method=sudo become_user=ax_vaptlin become_ask_pass=False [paramiko_connection] [ssh_connection] [persistent_connection] [accelerate] [selinux] [colors] [diff] [ax_vaptlin@ip-172-31-44-212 ~]$ [ax_vaptlin@ip-172-31-44-212 ~]$ ansible --version ansible 2.9.18 config file = /home/ax_vaptlin/.ansible.cfg configured module search path = [u'/home/ax_vaptlin/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /bin/ansible python version = 2.7.5 (default, Aug 13 2020, 02:51:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] [ax_vaptlin@ip-172-31-44-212 ~]$ ping 10.10.220.52 PING 10.10.220.52 (10.10.220.52) 56(84) bytes of data. 64 bytes from 10.10.220.52: icmp_seq=1 ttl=255 time=0.655 ms 64 bytes from 10.10.220.52: icmp_seq=2 ttl=255 time=0.695 ms ^C --- 10.10.220.52 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 0.655/0.675/0.695/0.020 ms [ax_vaptlin@ip-172-31-44-212 ~]$ ping 10.10.220.19 PING 10.10.220.19 (10.10.220.19) 56(84) bytes of data. 64 bytes from 10.10.220.19: icmp_seq=1 ttl=64 time=0.644 ms 64 bytes from 10.10.220.19: icmp_seq=2 ttl=64 time=0.666 ms 64 bytes from 10.10.220.19: icmp_seq=3 ttl=64 time=0.675 ms ^C --- 10.10.220.19 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2000ms rtt min/avg/max/mdev = 0.644/0.661/0.675/0.032 ms [ax_vaptlin@ip-172-31-44-212 ~]$ [ax_vaptlin@ip-172-31-44-212 ~]$ sudo -l [sudo] password for ax_vaptlin: Matching Defaults entries for ax_vaptlin on ip-172-31-44-212: !visiblepw, always_set_home, match_group_by_gid, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin User ax_vaptlin may run the following commands on ip-172-31-44-212: (ALL) ALL [ax_vaptlin@ip-172-31-44-212 ~]$ [ax_vaptlin@ip-172-31-44-212 ~]$ ansible linux -m command -a uptime -u ax_vaptlin -k SSH password: 172.31.14.1 | FAILED | rc=-1 >> Missing sudo password [ax_vaptlin@ip-172-31-44-212 ~]$ ansible linux -m setup -a 'filter=ansible_hostname' -b -k SSH password: 172.31.14.1 | FAILED! => { "msg": "Missing sudo password" } [ax_vaptlin@ip-172-31-44-212 ~]$ |
Quote:
| [ax_vaptlin@ip-172-31-44-212 ~]$ cat change-password.yml --- - hosts: all become: yes tasks: - name: Change user password user: name: ax_vaptlin update_password: always password: "{{ newpassword|password_hash('sha512') }}" [ax_vaptlin@ip-172-31-44-212 ~]$ |
Quote:
| [ax_vaptlin@ip-172-31-44-212 ~]$ ansible linux -m user -a "name=ax_vaptlin update_password=always password={{ newpassword|password_hash('sha512') }}" -b --extra-vars "newpassword=mypassword" -k SSH password: 172.31.14.1 | FAILED! => { "msg": "Missing sudo password" } |