For issuing commands to linux
ansible -m command -a "uname -a" localhost -u cyruslab -k
-mis the module
-ais the arguments, in this case we are issuing linux command
-uis the username
-kis ask for password
localhostis the ip address or hostname or the group name, the target device has to be included in the inventory file else ansible will reject even if the ip address/hostname exists
The result looks like this:
Privilege escalation with ansible
On this example, I want to use ansible to do this
chmod 777 and also
chown cyruslab:cyruslab /tmp/test.
ansible -m file -a "dest=/tmp/test mode=777 owner=cyruslab group=cyruslab" --become --become-method=sudo --become-user=root localhost -K
-mis the module, on file management the file module is used
-ais the argument, file module requires more arguments, mode is the file mode such as 777, 666, 644, 744, owner is the owner you want to change to, group is the group you want to change to.
--becomeis to indicate privilege escalation is required
--become-methodis the method to escalate privilege, on linux it has
sudoon cisco it has
--become-useris the privilege user you want to escalate to, on linux
sudois to become a root.
localhost, this can be hostname, ip address or a group specified within the inventory file
-K, not that this is a capital K which means ask for become password, in linux this is the