[ansible-project] Re: I may find a bug in ansible 1.5

[qiu jiawei]

I make an pull request 
https://github.com/ansible/ansible/pull/7148

在 2014年4月24日星期四UTC+8下午2时24分48秒，qiu jiawei写道：
>
> Oh I find more infomation that the worng machine's user could sudo without 
> passwd.
>
> 在 2014年4月24日星期四UTC+8下午12时28分27秒，qiu jiawei写道：
>>
>> I run an simple ansible module unarchive in ansible-playbook.
>> the module look like below:
>>
>> - name: untar the psutil module
>>  sudo: yes
>>  unarchive: src=psutil-2.1.0.tar.gz dest=/tmp/
>>
>>
>> then, the stange thing happen.
>> it crash at one machine.
>>
>> failed: [hadoop4] => {"failed": true, "item": ""}
>> msg: dest '/tmp/' must be an existing dir
>>
>> absolutely,the dir must exist
>>
>>
>> After some debug, I found the bug is locate 
>> at ansible/runner/connection_plugins/ paramiko_ssh.py
>> def exec_command(self, cmd, tmp_path, sudo_user=None, sudoable=False, 
>> executable='/bin/sh', in_data=None, su=None, su_user=None):
>>     ....
>>             try:    
>>                 chan.exec_command(shcmd)
>>                 if self.runner.sudo_pass or self.runner.su_pass:
>>                     while not sudo_output.endswith(prompt) and 
>> success_key not in sudo_output:
>>                         chunk = chan.recv(bufsize)
>>                         if not chunk:
>>                             if 'unknown user' in sudo_output:
>>                                 raise errors.AnsibleError(
>>                                     'user %s does not exist' % sudo_user)
>>                             else:   
>>                                 raise errors.AnsibleError('ssh connection 
>> ' +
>>                                     'closed waiting for password prompt')
>>                         sudo_output += chunk
>>                         print "sudo_op"
>>                         print sudo_output
>>                         print "end"
>>                     if success_key not in sudo_output:
>>                         if sudoable:
>>                             chan.sendall(self.runner.sudo_pass + '\n') 
>>                         elif su:
>>                             chan.sendall(self.runner.su_pass + '\n') 
>>             except socket.timeout:
>>                 raise errors.AnsibleError('ssh timed out waiting for 
>> sudo.\n' + sudo_output)
>>
>>         stdout = ''.join(chan.makefile('rb', bufsize))
>>         stderr = ''.join(chan.makefile_stderr('rb', bufsize))
>>         print "stdout"
>>         print stdout
>>         print "stderr"
>>         print stderr
>>
>>
>> after i add some print out code,I get the result look like below:
>> correct machine:
>> make sudo cmd
>> /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, 
>> key=bbjyibguhjvfwaabbsfzxyenmjrwggts] password: " -u root /bin/sh -c 
>> '"'"'echo SUDO-SUCCESS-bbjyibguhjvfwaabbsfzxyenmjrwggts; rc=0; [ -r "/tmp/" 
>> ] || rc=2; [ -f "/tmp/" ] || rc=1; [ -d "/tmp/" ] && echo 3 && exit 0; 
>> (/usr/bin/md5sum /tmp/ 2>/dev/null) || (/sbin/md5sum -q /tmp/ 2>/dev/null) 
>> || (/usr/bin/digest -a md5 /tmp/ 2>/dev/null) || (/sbin/md5 -q /tmp/ 
>> 2>/dev/null) || (/usr/bin/md5 -n /tmp/ 2>/dev/null) || (/bin/md5 -q /tmp/ 
>> 2>/dev/null) || (/usr/bin/csum -h MD5 /tmp/ 2>/dev/null) || (/bin/csum -h 
>> MD5 /tmp/ 2>/dev/null) || (echo "${rc}  /tmp/")'"'"''
>> prompt
>> [sudo via ansible, key=bbjyibguhjvfwaabbsfzxyenmjrwggts] password: 
>> success_key
>> SUDO-SUCCESS-bbjyibguhjvfwaabbsfzxyenmjrwggts
>> sudo_op
>> [sudo via ansible, key=bbjyibguhjvfwaabbsfzxyenmjrwggts] password: 
>> end
>> stdout
>>
>> SUDO-SUCCESS-bbjyibguhjvfwaabbsfzxyenmjrwggts
>> 3
>>
>> stderr
>>
>>
>> SUDO-SUCCESS-bbjyibguhjvfwaabbsfzxyenmjrwggts
>> 3
>> the worng machine
>> make sudo cmd
>> /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, 
>> key=gvmwhrpunjinmzgbhpwhmnxnzmhyzupt] password: " -u root /bin/sh -c 
>> '"'"'echo SUDO-SUCCESS-gvmwhrpunjinmzgbhpwhmnxnzmhyzupt; rc=0; [ -r "/tmp/" 
>> ] || rc=2; [ -f "/tmp/" ] || rc=1; [ -d "/tmp/" ] && echo 3 && exit 0; 
>> (/usr/bin/md5sum /tmp/ 2>/dev/null) || (/sbin/md5sum -q /tmp/ 2>/dev/null) 
>> || (/usr/bin/digest -a md5 /tmp/ 2>/dev/null) || (/sbin/md5 -q /tmp/ 
>> 2>/dev/null) || (/usr/bin/md5 -n /tmp/ 2>/dev/null) || (/bin/md5 -q /tmp/ 
>> 2>/dev/null) || (/usr/bin/csum -h MD5 /tmp/ 2>/dev/null) || (/bin/csum -h 
>> MD5 /tmp/ 2>/dev/null) || (echo "${rc}  /tmp/")'"'"''
>> prompt
>> [sudo via ansible, key=gvmwhrpunjinmzgbhpwhmnxnzmhyzupt] password: 
>> success_key
>> SUDO-SUCCESS-gvmwhrpunjinmzgbhpwhmnxnzmhyzupt
>> sudo_op
>> SUDO-SUCCESS-gvmwhrpunjinmzgbhpwhmnxnzmhyzupt
>> 3
>>
>> end
>> stdout
>>
>> stderr
>>
>>
>> It look like the the stdout shoule add back the sudo_output??
>>
>> And I want to know is it possible to reset some config for the worng 
>> machine to work right.
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e9a79d30-6be4-4b57-bfa7-eb1f331ac0f5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.