that's a good point. haven't tried. Will try tomorrow at work and report back.
thanks! On Thursday, 20 March 2014 17:58:45 UTC, James Cammarata wrote: > > I see you've set you're setting the transport to ssh rather than smart, > when you're using EL 5/6, does the same issue occur if you set the > transport to paramiko or smart? > > > On Thu, Mar 20, 2014 at 11:25 AM, Makimoto Marakatti > <[email protected]<javascript:> > > wrote: > >> Hi >> >> Last working one was 1.5.1. >> And yes few changes to the cfg. Here the comments stripped version: >> >> [defaults] >> hostfile = /ansible/etc/hosts >> library = /usr/share/ansible >> remote_tmp = /tmp >> pattern = * >> forks = 5 >> poll_interval = 15 >> sudo_user = root >> transport = ssh >> remote_port = 22 >> connection = ssh >> timeout = 30 >> log_path = /ansible/log/ansible.log >> ansible_managed = Mantained by Ansible. Please refer to {host} to make >> changes in {file}. Direct edits to this file WILL BE overwritten. >> display_skipped_hosts = True >> error_on_undefined_vars = True >> action_plugins = /usr/share/ansible_plugins/action_plugins >> callback_plugins = /usr/share/ansible_plugins/callback_plugins >> connection_plugins = /usr/share/ansible_plugins/connection_plugins >> lookup_plugins = /usr/share/ansible_plugins/lookup_plugins >> vars_plugins = /usr/share/ansible_plugins/vars_plugins >> filter_plugins = /usr/share/ansible_plugins/filter_plugins >> [paramiko_connection] >> [ssh_connection] >> ssh_args = -o PasswordAuthentication=no -o ControlMaster=auto -o >> ControlPath=~/tmp/ansible-ssh-%h-%p-%r >> scp_if_ssh = True >> [accelerate] >> >> Normally pipelining is there also, but I just disabled it per advice on >> this thread. >> >> >> >> On Thursday, 20 March 2014 15:49:21 UTC, James Cammarata wrote: >> >>> What was the last official release that worked for you? Also, are there >>> any other ansible.cfg settings you've changed from their defaults? >>> >>> >>> On Thu, Mar 20, 2014 at 10:11 AM, Makimoto Marakatti >>> <[email protected]>wrote: >>> >>>> By the way, I did forget to mention that I tried to give a passwordless >>>> sudo access to the 'ansible' user. >>>> And did not work. Got the same output. >>>> Which leads me to think that sudo does not get called properly. >>>> Just speculating thou.... >>>> >>>> >>>> On Thursday, 20 March 2014 14:35:19 UTC, Makimoto Marakatti wrote: >>>>> >>>>> For the record I do have this on ansible.cfg: >>>>> >>>>> remote_tmp = /tmp >>>>> >>>>> >>>>> On Thursday, 20 March 2014 14:34:06 UTC, Makimoto Marakatti wrote: >>>>>> >>>>>> Hi >>>>>> >>>>>> Pipelining is most definitely on. The speed advantage is great. I >>>>>> tried disabling it and see, but the end result is the same. >>>>>> >>>>>> with pipelining on: >>>>>> >>>>>> $ ansible commando -sKom ping -vvvv >>>>>> >>>>>> sudo password: >>>>>> <commando> ESTABLISH CONNECTION FOR USER: ansible >>>>>> <commando> REMOTE_MODULE ping >>>>>> <commando> EXEC ['ssh', '-C', '-vvv', '-o', >>>>>> 'PasswordAuthentication=no', '-o', 'ControlMaster=auto', '-o', >>>>>> 'ControlPath=~/tmp/ansible-ssh-%h-%p-%r', '-o', 'Port=22', '-o', >>>>>> 'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications= >>>>>> gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', >>>>>> 'PasswordAuthentication=no', '-o', 'ConnectTimeout=30', 'commando', >>>>>> '/bin/sh >>>>>> -c \'sudo -k && sudo -H -S -p "[sudo via ansible, key= >>>>>> eitjzleioedwxwlkwhlcyyraqeqvqzxk] password: " -u root /bin/sh -c >>>>>> \'"\'"\'echo SUDO-SUCCESS-eitjzleioedwxwlkwhlcyyraqeqvqzxk; >>>>>> /usr/bin/python\'"\'"\'\''] >>>>>> EXEC previous known host file not found for commando >>>>>> commando | FAILED => ssh connection closed waiting for sudo or su >>>>>> password prompt >>>>>> >>>>>> >>>>>> >>>>>> without pipelining: >>>>>> >>>>>> $ ansible commando -sKom ping -vvvvv >>>>>> sudo password: >>>>>> <commando> ESTABLISH CONNECTION FOR USER: ansible >>>>>> <commando> REMOTE_MODULE ping >>>>>> <commando> EXEC ['ssh', '-C', '-tt', '-vvv', '-o', >>>>>> 'PasswordAuthentication=no', '-o', 'ControlMaster=auto', '-o', >>>>>> 'ControlPath=~/tmp/ansible-ssh-%h-%p-%r', '-o', 'Port=22', '-o', >>>>>> 'KbdInteractiveAuthentication=no', '-o', 'PreferredAuthentications= >>>>>> gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', >>>>>> 'PasswordAuthentication=no', '-o', 'ConnectTimeout=30', 'commando', >>>>>> "/bin/sh >>>>>> -c 'mkdir -p /tmp/ansible-tmp-1395325848.27-139028944178673 && chmod >>>>>> a+rx /tmp/ansible-tmp-1395325848.27-139028944178673 && echo >>>>>> /tmp/ansible-tmp-1395325848.27-139028944178673'"] >>>>>> EXEC previous known host file not found for commando >>>>>> commando | FAILED => Authentication or permission failure. In some >>>>>> cases, you may have been able to authenticate and did not have >>>>>> permissions on the remote directory. Consider changing the remote >>>>>> temp path in ansible.cfg to a path rooted in "/tmp". Failed command >>>>>> was: mkdir -p /tmp/ansible-tmp-1395325848.27-139028944178673 &&chmod a >>>>>> +rx /tmp/ansible-tmp-1395325848.27-139028944178673 && echo /tmp/ >>>>>> ansible-tmp-1395325848.27-139028944178673, exited with result 1:mkdir >>>>>> : cannot create directory >>>>>> `/tmp/ansible-tmp-1395325848.27-139028944178673': >>>>>> Permission denied >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Thursday, 20 March 2014 14:29:07 UTC, Matt Martz wrote: >>>>>>> >>>>>>> Makimoto, >>>>>>> >>>>>>> Have you enabled 'pipelining = True' in your ansible.cfg file? >>>>>>> >>>>>>> If so, this is potentially the cause. Regardless, it would be nice >>>>>>> to see the output of ansible -vvvv as that would help identify if >>>>>>> pipelining is being used or not, or any other potential issues. >>>>>>> >>>>>>> -- >>>>>>> Matt Martz >>>>>>> [email protected] >>>>>>> >>>>>>> On March 20, 2014 at 9:05:26 AM, Makimoto Marakatti ( >>>>>>> [email protected]) wrote: >>>>>>> >>>>>>> >>>>>>> Hi all >>>>>>> >>>>>>> I had few sudo issues in the past, and those got solved. Now after >>>>>>> updating to latest release (1.5.3) the problem has resurfaced again. >>>>>>> My master box has an ansible user. Which connects through ssh certs >>>>>>> and has sudo rights to root on each of the remote boxes. >>>>>>> I've got 62 boxes that are failing if I sudo to them with ansible. >>>>>>> Those 62 are a mixture to rhel/centos 5.?/6.? 32/64. Nothing in common. >>>>>>> Examples below are shown using a single box. >>>>>>> >>>>>>> So if I do not use sudo, it works: >>>>>>> >>>>>>> $ ansible commando -om ping >>>>>>> commando | success >> {"changed": false, "ping": "pong"} >>>>>>> >>>>>>> Now with sudo: >>>>>>> >>>>>>> $ ansible commando -sKom ping >>>>>>> sudo password: >>>>>>> commando | FAILED => ssh connection closed waiting for sudo or su >>>>>>> password prompt >>>>>>> >>>>>>> and yet: >>>>>>> >>>>>>> $ ssh commando >>>>>>> Last login: Thu Mar 20 12:02:12 2014 from ansible_master.passmark. >>>>>>> net >>>>>>> [ansible@commando ~]$ sudo su - >>>>>>> [sudo] password for ansible: >>>>>>> [root@commando ~]# id >>>>>>> uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm >>>>>>> ),6(disk),10(wheel) >>>>>>> >>>>>>> I actually updated to dev as I was told that my previous sudo issues >>>>>>> had been solved in the dev branch. Unfortunately no difference. (It got >>>>>>> rid >>>>>>> of the nagging "previous host file not found" message thou) >>>>>>> >>>>>>> Any help to try to clear this issue for once and for all would be >>>>>>> very welcome indeed. >>>>>>> >>>>>>> Thanks >>>>>>> >>>>>>> -- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "Ansible Project" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to [email protected]. >>>>>>> To post to this group, send email to [email protected]. >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/d/msgid/ansible-project/74e9609c- >>>>>>> e50e-46ea-8d34-ae331d47f52e%40googlegroups.com<https://groups.google.com/d/msgid/ansible-project/74e9609c-e50e-46ea-8d34-ae331d47f52e%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>> . >>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>> >>>>>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Ansible Project" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> To view this discussion on the web visit https://groups.google.com/d/ >>>> msgid/ansible-project/ed4c47a9-ec1f-4256-9bfc- >>>> 4d45a54bfa5f%40googlegroups.com<https://groups.google.com/d/msgid/ansible-project/ed4c47a9-ec1f-4256-9bfc-4d45a54bfa5f%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d93b0675-2d57-475f-b945-598f6fee0f21%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
