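<p>Special thanks to <a href="https://galaxy.ansible.com/GROG/" rel="nofollow">GROG</a> for helping me understand what I was doing wrong.</p>
<p>Basically, I was trying to do <code>root</code> jobs while running the Ansible playbook as a non-root user. In the end, I created the following <code>bootstrap.yml</code> and ran it with the following command:</p>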
<p><code>ansible-playbook ./bootstrap.yml -u root -k</code></p>
<p>This runs the playbook as the root user, prompting for the root password, creates the user, and sets up sudo and passwordless access.</p>
<pre><code>---
# file: bootstrap.yml
# Execute once as root user to create a public key and install it to your client machine(s) using the following command
# ansible-playbook ./bootstrap.yml -u root -k
# This requires you to install GROG.management-user role from the Ansible Galaxy using this command:
# ansible-galaxy install GROG.management-user

# Add pdo user on remote machines
- hosts: all
  tasks:
    - name: Add remote users
      user: name=pdo group=users

# Generate SSH keys at the localhost for pdo user
- hosts: localhost
  tasks:
    - name: Provision local pdo user
      user: name=pdo generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa

# Install public key into remote machine
- hosts: all
  vars:
    authorized_key_list:
      - name: pdo
        authorized_keys:
          - key: "{{ lookup('file', '/home/pdo/.ssh/id_rsa.pub') }}"
            state: present
  roles:
    - { role: GROG.authorized-key }

# Add sudo privileges for pdo user
- hosts: all
  roles:
    - { role: GROG.sudo, become: yes }
</code></pre>
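<p>For comparison, an added example (not part of the original answer and not GROG's role code): the same bootstrap written with stock modules only, with the sudoers drop-in syntax-checked by <code>visudo</code> before it is installed. The file name <code>bootstrap-builtin.yml</code>, the NOPASSWD rule and the <code>/usr/sbin/visudo</code> path are assumptions, and the <code>ansible.posix</code> collection must be installed first (<code>ansible-galaxy collection install ansible.posix</code>).</p>

```yaml
---
# file: bootstrap-builtin.yml (hypothetical name, added example)
# Run once as root, as in the answer above:
#   ansible-playbook ./bootstrap-builtin.yml -u root -k

- name: Generate the pdo key pair on the control node
  hosts: localhost
  connection: local
  tasks:
    - name: Provision local pdo user with an SSH key
      ansible.builtin.user:
        name: pdo
        generate_ssh_key: true
        ssh_key_type: rsa
        ssh_key_bits: 2048
        ssh_key_file: .ssh/id_rsa

- name: Create pdo on the managed hosts and grant access
  hosts: all
  tasks:
    - name: Add remote user
      ansible.builtin.user:
        name: pdo
        group: users

    # lookup() is evaluated on the control node, which is why the key
    # pair is generated on localhost in the first play.
    - name: Install the public key for pdo
      ansible.posix.authorized_key:
        user: pdo
        key: "{{ lookup('file', '/home/pdo/.ssh/id_rsa.pub') }}"
        state: present

    # Assumption: a NOPASSWD rule, since pdo is created without a password.
    # validate runs visudo against the temporary file, so a malformed rule
    # is rejected instead of breaking sudo on the host.
    - name: Grant sudo through a validated drop-in file
      ansible.builtin.copy:
        content: "pdo ALL=(ALL) NOPASSWD: ALL\n"
        dest: /etc/sudoers.d/pdo
        owner: root
        group: root
        mode: "0440"
        validate: /usr/sbin/visudo -cf %s
```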