community.general.sesu – CA Privileged Access Manager

Note

This plugin is part of the community.general collection (version 4.2.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.sesu.

Synopsis

  • This become plugins allows your remote/login user to execute commands as another user via the sesu utility.

Parameters

Parameter Choices/Defaults Configuration Comments
become_exe
string
Default:
"sesu"
ini entries:

[privilege_escalation]
become_exe = sesu

[sesu_become_plugin]
executable = sesu

env:ANSIBLE_BECOME_EXE
env:ANSIBLE_SESU_EXE
var: ansible_become_exe
var: ansible_sesu_exe
sesu executable
become_flags
string
Default:
"-H -S -n"
ini entries:

[privilege_escalation]
become_flags = -H -S -n

[sesu_become_plugin]
flags = -H -S -n

env:ANSIBLE_BECOME_FLAGS
env:ANSIBLE_SESU_FLAGS
var: ansible_become_flags
var: ansible_sesu_flags
Options to pass to sesu
become_pass
string
ini entries:

[sesu_become_plugin]
password = None

env:ANSIBLE_BECOME_PASS
env:ANSIBLE_SESU_PASS
var: ansible_become_password
var: ansible_become_pass
var: ansible_sesu_pass
Password to pass to sesu
become_user
string
Default:
""
ini entries:

[privilege_escalation]
become_user =

[sesu_become_plugin]
user =

env:ANSIBLE_BECOME_USER
env:ANSIBLE_SESU_USER
var: ansible_become_user
var: ansible_sesu_user
User you 'become' to execute the task

Authors

  • ansible (@nekonyuu)