sesu – CA Privileged Access Manager

New in version 2.8.

Synopsis

  • This become plugins allows your remote/login user to execute commands as another user via the sesu utility.

Parameters

Parameter Choices/Defaults Configuration Comments
become_exe
-
Default:
"sesu"
ini entries:

[privilege_escalation]
become_exe = sesu

[sesu_become_plugin]
executable = sesu

env:ANSIBLE_BECOME_EXE
env:ANSIBLE_SESU_EXE
var: ansible_become_exe
var: ansible_sesu_exe
sesu executable
become_flags
-
Default:
"-H -S -n"
ini entries:

[privilege_escalation]
become_flags = -H -S -n

[sesu_become_plugin]
flags = -H -S -n

env:ANSIBLE_BECOME_FLAGS
env:ANSIBLE_SESU_FLAGS
var: ansible_become_flags
var: ansible_sesu_flags
Options to pass to sesu
become_pass
-
ini entries:

[sesu_become_plugin]
password = VALUE

env:ANSIBLE_BECOME_PASS
env:ANSIBLE_SESU_PASS
var: ansible_become_password
var: ansible_become_pass
var: ansible_sesu_pass
Password to pass to sesu
become_user
-
ini entries:

[privilege_escalation]
become_user = VALUE

[sesu_become_plugin]
user = VALUE

env:ANSIBLE_BECOME_USER
env:ANSIBLE_SESU_USER
var: ansible_become_user
var: ansible_sesu_user
User you 'become' to execute the task

Status

Authors

  • ansible (@nekonyuu)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.

Hint

Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.