What was the last official release that worked for you? Also, are there any other ansible.cfg settings you've changed from their defaults?
On Thu, Mar 20, 2014 at 10:11 AM, Makimoto Marakatti <[email protected]>wrote: > By the way, I did forget to mention that I tried to give a passwordless > sudo access to the 'ansible' user. > And did not work. Got the same output. > Which leads me to think that sudo does not get called properly. > Just speculating thou.... > > > On Thursday, 20 March 2014 14:35:19 UTC, Makimoto Marakatti wrote: >> >> For the record I do have this on ansible.cfg: >> >> remote_tmp = /tmp >> >> >> On Thursday, 20 March 2014 14:34:06 UTC, Makimoto Marakatti wrote: >>> >>> Hi >>> >>> Pipelining is most definitely on. The speed advantage is great. I tried >>> disabling it and see, but the end result is the same. >>> >>> with pipelining on: >>> >>> $ ansible commando -sKom ping -vvvv >>> >>> sudo password: >>> <commando> ESTABLISH CONNECTION FOR USER: ansible >>> <commando> REMOTE_MODULE ping >>> <commando> EXEC ['ssh', '-C', '-vvv', '-o', 'PasswordAuthentication=no', >>> '-o', 'ControlMaster=auto', '-o', 'ControlPath=~/tmp/ansible- >>> ssh-%h-%p-%r', '-o', 'Port=22', '-o', 'KbdInteractiveAuthentication=no', >>> '-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-keyex, >>> hostbased,publickey', '-o', 'PasswordAuthentication=no', '-o', >>> 'ConnectTimeout=30', 'commando', '/bin/sh -c \'sudo -k && sudo -H -S -p >>> "[sudo via ansible, key=eitjzleioedwxwlkwhlcyyraqeqvqzxk] password: " >>> -u root /bin/sh -c \'"\'"\'echo SUDO-SUCCESS- >>> eitjzleioedwxwlkwhlcyyraqeqvqzxk; /usr/bin/python\'"\'"\'\''] >>> EXEC previous known host file not found for commando >>> commando | FAILED => ssh connection closed waiting for sudo or su >>> password prompt >>> >>> >>> >>> without pipelining: >>> >>> $ ansible commando -sKom ping -vvvvv >>> sudo password: >>> <commando> ESTABLISH CONNECTION FOR USER: ansible >>> <commando> REMOTE_MODULE ping >>> <commando> EXEC ['ssh', '-C', '-tt', '-vvv', '-o', >>> 'PasswordAuthentication=no', '-o', 'ControlMaster=auto', '-o', >>> 'ControlPath=~/tmp/ansible-ssh-%h-%p-%r', '-o', 'Port=22', '-o', >>> 'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications= >>> gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', >>> 'PasswordAuthentication=no', '-o', 'ConnectTimeout=30', 'commando', "/bin/sh >>> -c 'mkdir -p /tmp/ansible-tmp-1395325848.27-139028944178673 && chmod >>> a+rx /tmp/ansible-tmp-1395325848.27-139028944178673 && echo >>> /tmp/ansible-tmp-1395325848.27-139028944178673'"] >>> EXEC previous known host file not found for commando >>> commando | FAILED => Authentication or permission failure. In some >>> cases, you may have been able to authenticate and did not have >>> permissions on the remote directory. Consider changing the remote temp >>> path in ansible.cfg to a path rooted in "/tmp". Failed command was:mkdir >>> -p /tmp/ansible-tmp-1395325848.27-139028944178673 && chmod a+rx /tmp/ >>> ansible-tmp-1395325848.27-139028944178673 && echo /tmp/ansible-tmp- >>> 1395325848.27-139028944178673, exited with result 1: mkdir: cannot >>> create directory `/tmp/ansible-tmp-1395325848.27-139028944178673': >>> Permission denied >>> >>> >>> >>> >>> On Thursday, 20 March 2014 14:29:07 UTC, Matt Martz wrote: >>>> >>>> Makimoto, >>>> >>>> Have you enabled 'pipelining = True' in your ansible.cfg file? >>>> >>>> If so, this is potentially the cause. Regardless, it would be nice to >>>> see the output of ansible -vvvv as that would help identify if pipelining >>>> is being used or not, or any other potential issues. >>>> >>>> -- >>>> Matt Martz >>>> [email protected] >>>> >>>> On March 20, 2014 at 9:05:26 AM, Makimoto Marakatti ([email protected]) >>>> wrote: >>>> >>>> >>>> Hi all >>>> >>>> I had few sudo issues in the past, and those got solved. Now after >>>> updating to latest release (1.5.3) the problem has resurfaced again. >>>> My master box has an ansible user. Which connects through ssh certs and >>>> has sudo rights to root on each of the remote boxes. >>>> I've got 62 boxes that are failing if I sudo to them with ansible. >>>> Those 62 are a mixture to rhel/centos 5.?/6.? 32/64. Nothing in common. >>>> Examples below are shown using a single box. >>>> >>>> So if I do not use sudo, it works: >>>> >>>> $ ansible commando -om ping >>>> commando | success >> {"changed": false, "ping": "pong"} >>>> >>>> Now with sudo: >>>> >>>> $ ansible commando -sKom ping >>>> sudo password: >>>> commando | FAILED => ssh connection closed waiting for sudo or su >>>> password prompt >>>> >>>> and yet: >>>> >>>> $ ssh commando >>>> Last login: Thu Mar 20 12:02:12 2014 from ansible_master.passmark.net >>>> [ansible@commando ~]$ sudo su - >>>> [sudo] password for ansible: >>>> [root@commando ~]# id >>>> uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6 >>>> (disk),10(wheel) >>>> >>>> I actually updated to dev as I was told that my previous sudo issues >>>> had been solved in the dev branch. Unfortunately no difference. (It got rid >>>> of the nagging "previous host file not found" message thou) >>>> >>>> Any help to try to clear this issue for once and for all would be very >>>> welcome indeed. >>>> >>>> Thanks >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Ansible Project" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> To view this discussion on the web visit https://groups.google.com/d/ >>>> msgid/ansible-project/74e9609c-e50e-46ea-8d34- >>>> ae331d47f52e%40googlegroups.com<https://groups.google.com/d/msgid/ansible-project/74e9609c-e50e-46ea-8d34-ae331d47f52e%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>>> -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/ed4c47a9-ec1f-4256-9bfc-4d45a54bfa5f%40googlegroups.com<https://groups.google.com/d/msgid/ansible-project/ed4c47a9-ec1f-4256-9bfc-4d45a54bfa5f%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAFg%2Bn8Q%3DCm9dD4APCeTj%3DWyDMMhL5zHZQejGWj%3DyS87FAsO-hA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
