Let's say something like this is being returned.
TASK [Gathering Facts]
fatal: [server1.example.com]: FAILED! => {"msg": "Missing sudo password"}
I got this when attempting to connect to a target server as john.doe.
ansible-playbook testing.yml --inventory server1.example.com, --user john.doe
Almost always, this is due to the user (john.doe) not having sudo permission to run certain commands, and is typically resolved by "becoming" root or "becoming" a user that has sudo permission to the command that is returning "Missing sudo password". If you are not familiar with "become", check out my article Ansible - Understanding Become Privilege Escalation.
- Ansible - become command line (--become --become-user --become-method --ask-become-pass --become-flags)
- Use the become parameters in a playbook
- Use the become connection variables (uncommon)
- Use the become directives in ansible.cfg (very uncommon)
However, notice is this example that "Missing sudo password" is being returned when Gathering Facts, thus there wasn't a task being run that required "become". When I happened up this, I found that the user (john.doe) did not exist on the target server. The id command returned "no such user".
[root@server1 ~]# id john.doe
id: ‘john.doe’: no such user
And directory /home/john.doe did not exist.
~]# ls -l /home
drwx------. 3 root root 18 Feb 8 12:20 root
I used the useradd command to create john.doe user account on the target server.
[root@server1 ~]# useradd john.doe
Also, on the target server, there was a group named ansible_admins that had NOPASSWD sudo permissions.
~]# cat /etc/sudoers.d/ansible_admins
%ansible_admins ALL = (ALL) NOPASSWD: ALL
So I also used the usermod command to add john.doe to the ansible_admins group, granting john.doe NOPASSWD sudo.
[root@server1 ~]# usermod -aG ansible_admins john.doe
Did you find this article helpful?
If so, consider buying me a coffee over at