I haven't been able to get doas on OpenBSD to work. Ansible is running on a
Linux Mint 17.3 host, and the remote host ("testhost") is OpenBSD 5.9,
fully patched. The remote host is connected via password-less ssh.
$ ansible --version
ansible 2.0.1.0
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
$ ansible testhost -i hosts -a "touch /testfile" --become
--become-method=doas --ask-become-pass
DOAS password:
testhost | FAILED | rc=0 >>
Timeout (12s) waiting for privilege escalation prompt:
This is the /etc/doas.conf on testhost
permit keepenv :wheel
Python version on testhost:
Python 2.7.11
Here it is again, this time with verbose output:
$ ansible -vvvv testhost -i hosts -a "touch /testfile" --become
--become-method=doas --ask-become-pass
Using /etc/ansible/ansible.cfg as config file
DOAS password:
Loaded callback minimal of type stdout, v2.0
<testhost> ESTABLISH SSH CONNECTION FOR USER: None
<testhost> SSH: EXEC ssh -C -vvv -o ControlMaster=auto -o
ControlPersist=60s -o KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=10 -o
ControlPath=/home/me/.ansible/cp/ansible-ssh-%h-%p-%r -tt testhost '/bin/sh
-c '"'"'( umask 22 && mkdir -p "` echo
$HOME/.ansible/tmp/ansible-tmp-1464044553.85-229779171952967 `" && echo "`
echo $HOME/.ansible/tmp/ansible-tmp-1464044553.85-229779171952967 `" )'"'"''
<testhost> PUT /tmp/tmpgAeklK TO
/home/me/.ansible/tmp/ansible-tmp-1464044553.85-229779171952967/command
<testhost> SSH: EXEC sftp -b - -C -vvv -o ControlMaster=auto -o
ControlPersist=60s -o KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=10 -o
ControlPath=/home/me/.ansible/cp/ansible-ssh-%h-%p-%r '[testhost]'
<testhost> ESTABLISH SSH CONNECTION FOR USER: None
<testhost> SSH: EXEC ssh -C -vvv -o ControlMaster=auto -o
ControlPersist=60s -o KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=10 -o
ControlPath=/home/me/.ansible/cp/ansible-ssh-%h-%p-%r -tt testhost '/bin/sh
-c '"'"'doas -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo
BECOME-SUCCESS-ncepxastuenhdslngrhywykynqaiclzg; /bin/sh -c
'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'LANG=en_CA.UTF-8
LC_ALL=en_CA.UTF-8 LC_MESSAGES=en_CA.UTF-8 /usr/local/bin/python2.7
/home/me/.ansible/tmp/ansible-tmp-1464044553.85-229779171952967/command; rm
-rf "/home/me/.ansible/tmp/ansible-tmp-1464044553.85-229779171952967/" >
/dev/null
2>&1'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"''"'"''
testhost | FAILED | rc=0 >>
Timeout (12s) waiting for privilege escalation prompt:
I can get doas working with password-less root. Also, sudo works when
prompting for password, but I would prefer to not install sudo.
Am I doing something wrong?
Thank you.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/f304feac-a57c-437f-afa2-2d37504e0e83%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
