Privilege escalation errors - Ansible troubleshooting

Privilege escalation errors are one of the most common Ansible problems. In a live Playbook, we are going to troubleshoot starting from the error message. We are going to investigate the root cause of the problem and fix it.

Today we're going to talk about Ansible troubleshooting and specifically about privilege escalation errors.

I'm Luca Berton and welcome to today's episode of Ansible Pilot.

It happens when the connection user Ansible doesn't have the permission to perform the operation. The solution is simply to switch to the user with administrative rights. In Ansible you perform this operation enabling the become statement.

Behind the scenes Ansible is connecting to the target host using the normal user, switching to the administrative user and then executing the playbook code.

The standard privilege escalation method is sudo but more are available for example su, pfexec, doas, pbrun, dzdo, ksu, runas, machinectl, Centrify, etc.

Links

[Understanding privilege escalation: become](https://docs.ansible.com/ansible/latest/user_guide/become.html)

## Playbook

The best way of talking about Ansible troubleshooting is to jump in a live Playbook to show you practically the privilege escalation error and how to solve it!

error

``yaml


---
name: yum module Playbook
  hosts: all
  become: false
  tasks:
    - name: install package
      yum:
        name: git
        state: present

fix

`yaml


---
name: yum module Playbook
  hosts: all
  become: true
  tasks:
    - name: install package
      yum:
        name: git
        state: present

Now you know better how to troubleshoot the most common Ansible error about privilege escalation.