pytest-testinfra icon indicating copy to clipboard operation
pytest-testinfra copied to clipboard
verified publisher icon pytest-dev

Provide an example of how to use the ansible connection with sudo

Open erriapo opened this issue 7 years ago • 3 comments

I am unable to run the iptables functionality

def test_iptables_rules(host):
    rules = host.iptables.rules(table=u'filter', chain=u'INPUT')

How I invoke it

$ py.test-s --connection=ansible --ansible-inventory ./myhosts --hosts="agroup" mytest.py

In the same directory, I created ansible.cfg Note that I don't have ssh keys configured on the target hosts & I want the program to prompt for passwords i.e. using ssh-pass ?

[privilege_escalation]
become_ask_pass=True

[defaults]
remote_user=donaldtrump
ask_pass=True

The exception. Note that I had to hack the code to add the full path /sbin/iptables as the original code could not find the binary.

ansible.py                  62 INFO     RUN Ansible(u'shell', u'/sbin/iptables -t filter -S INPUT', {}): {'_ansible_no_log': False,
 '_ansible_parsed': True,
 'attempts': 1,
 u'changed': True,
 u'cmd': u'/sbin/iptables -t filter -S INPUT',
 u'delta': u'0:00:00.134311',
 u'end': u'2018-01-27 01:36:59.495112',
 u'invocation': {u'module_args': {u'_raw_params': u'/sbin/iptables -t filter -S INPUT',
                                  u'_uses_shell': True,
                                  u'chdir': None,
                                  u'creates': None,
                                  u'executable': None,
                                  u'removes': None,
                                  u'stdin': None,
                                  u'warn': True}},
 u'msg': u'non-zero return code',
 u'rc': 3,
 u'start': u'2018-01-27 01:36:59.360801',
 u'stderr': u"iptables v1.4.7: can't initialize iptables table `filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.",
 'stderr_lines': [u"iptables v1.4.7: can't initialize iptables table `filter': Permission denied (you must be root)",
                  u'Perhaps iptables or your kernel needs to be upgraded.'],
 u'stdout': u'',
 'stdout_lines': []}
base.py                    241 INFO     RUN CommandResult(command=u'/sbin/iptables -t filter -S INPUT', exit_status=3, stdout=u'', stderr=u"iptables v1.4.7: can't initialize iptables table `filter': Permission denied (you must be root)\nPerhaps iptables or your kernel needs to be upgraded.")

I am using ansible 2.5.0 (devel dcc05093db) last updated 2018/01/11 16:00:37 (GMT -700)

$ pip freeze
ansible==2.5.0
attrs==17.4.0
ecdsa==0.13
funcsigs==1.0.2
Jinja2==2.10
MarkupSafe==1.0
paramiko==1.17.1
pluggy==0.6.0
py==1.5.2
pycrypto==2.6.1
pytest==3.3.2
PyYAML==3.12
six==1.11.0
testinfra==1.10.1

erriapo avatar Jan 27 '18 01:01 erriapo

Hi @erriapo,

I think this might help you :) https://testinfra.readthedocs.io/en/latest/modules.html#sudo

MCyprien avatar Feb 13 '18 10:02 MCyprien

Given https://github.com/philpep/testinfra/issues/285#issuecomment-365219564, I think this can be closed.

decentral1se avatar May 29 '19 09:05 decentral1se

hi how to make a sudo with escalation privilege ?

sudo su - postgres

spham avatar Sep 03 '22 07:09 spham