Hi, did anybody read my message?
Regards Stefan Am 17.04.2017 um 18:13 schrieb Stefan Klatt: > Hi > > from ansible 1.9 till 2.2.2.0 on centos 7 privilege escalation works > really fine. I could access a server with a non privileged user and a > ssh key authentication and use as last step the privilege escalation > with su. > > But with 2.3 I found this doesn't work any more. > The ssh connection to the server works, I see the server accepts the > public key for user "ansible", but after this ansible tries to do the > privilege escalation to user root and hangs. I think it waits for the > password. If I start the last code manual, it asks for it as the next step. > > Other point: > Ansible ignores the host configuration for become and become_method if I > don't set them at ansible.cfg. > > Paramiko doesn't work too. I tried it, same effect. There I have > additionally the problem that paramiko has it's own key storage and > stops (no input possible to the quest if want to add the key) if the key > is not there (I know the option "host_key_auto_add"). > I think the handling should be optimized. > > ansible.cfg (all other options after this are remarked): > > [privilege_escalation] > become=True > #become_method=sudo > become_method=su > #become_user=root > #become_ask_pass=False > > host configuration: > > ansible_become: yes > ansible_become_user: root > ansible_become_pass: XXXXX > ansible_become_methode: su > ansible_connection: ssh > > > here the logs: > > [root@ansible host_vars]# ansible kronos.cac.local -m ping -vvvvv > Using /etc/ansible/ansible.cfg as config file > Loading callback plugin minimal of type stdout, v2.0 from > /usr/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc > META: ran handlers > Using module file > /usr/lib/python2.7/site-packages/ansible/modules/system/ping.py > <kronos.cac.local> ESTABLISH SSH CONNECTION FOR USER: ansible > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > <kronos.cac.local> SSH: > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User=ansible) > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10) > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > <kronos.cac.local> SSH: PlayContext set ssh_extra_args: () > <kronos.cac.local> SSH: found only ControlPersist; added ControlPath: > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > <kronos.cac.local> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > ControlPath=/root/.ansible/cp/25edd394cf kronos.cac.local '/bin/sh -c > '"'"'echo ~ && sleep 0'"'"'' > <kronos.cac.local> (0, '/home/ansible\n', 'OpenSSH_6.6.1, OpenSSL > 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading configuration data > /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 56: Applying > options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: > Control socket "/root/.ansible/cp/25edd394cf" does not exist\r\ndebug2: > ssh_connect: needpriv 0\r\ndebug1: Connecting to kronos.cac.local > [192.168.76.22] port 22.\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: > fd 3 clearing O_NONBLOCK\r\ndebug1: Connection established.\r\ndebug3: > timeout: 10000 ms remain after connect\r\ndebug1: permanently_set_uid: > 0/0\r\ndebug3: Incorrect RSA1 identifier\r\ndebug3: Could not load > "/root/.ssh/id_rsa" as a RSA1 public key\r\ndebug1: identity file > /root/.ssh/id_rsa type 1\r\ndebug1: > identity file /root/.ssh/id_rsa-cert type -1\r\ndebug1: identity file > /root/.ssh/id_dsa type -1\r\ndebug1: identity file > /root/.ssh/id_dsa-cert type -1\r\ndebug1: identity file > /root/.ssh/id_ecdsa type -1\r\ndebug1: identity file > /root/.ssh/id_ecdsa-cert type -1\r\ndebug1: identity file > /root/.ssh/id_ed25519 type -1\r\ndebug1: identity file > /root/.ssh/id_ed25519-cert type -1\r\ndebug1: Enabling compatibility > mode for protocol 2.0\r\ndebug1: Local version string > SSH-2.0-OpenSSH_6.6.1\r\ndebug1: Remote protocol version 2.0, remote > software version OpenSSH_6.6.1\r\ndebug1: match: OpenSSH_6.6.1 pat > OpenSSH_6.6.1* compat 0x04000000\r\ndebug2: fd 3 setting > O_NONBLOCK\r\ndebug3: load_hostkeys: loading entries for host > "kronos.cac.local" from file "/root/.ssh/known_hosts"\r\ndebug3: > load_hostkeys: found key type ECDSA in file > /root/.ssh/known_hosts:13\r\ndebug3: load_hostkeys: loaded 1 > keys\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: > [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521\r\ndebug1: > SSH2_MSG_KEXINIT sent\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: > kex_parse_kexinit: > [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: > kex_parse_kexinit: > [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ssh-rsa,ssh-dss\r\ndebug2: > kex_parse_kexinit: > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]\r\ndebug2: > kex_parse_kexinit: > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]\r\ndebug2: > kex_parse_kexinit: > [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96\r\ndebug2: > kex_parse_kexinit: > [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96\r\ndebug2: > kex_parse_kexinit: [email protected],zlib,none\r\ndebug2: > kex_parse_kexinit: [email protected],zlib,none\r\ndebug2: > kex_parse_kexinit: \r\ndebug2: kex_parse_kexinit: \r\ndebug2: > kex_parse_kexinit: first_kex_follows 0 \r\ndebug2: kex_parse_kexinit: > reserved 0 \r\ndebug2: kex_parse_kexinit: > [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: > kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256\r\ndebug2: > kex_parse_kexinit: > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]\r\ndebug2: > kex_parse_kexinit: > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected]\r\ndebug2: > kex_parse_kexinit: > [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96\r\ndebug2: > kex_parse_kexinit: > [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-md5,hmac-sha1,[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96\r\ndebug2: > kex_parse_kexinit: none,[email protected]\r\ndebug2: kex_parse_kexinit: > none,[email protected]\r\ndebug2: kex_parse_kexinit: \r\ndebug2: > kex_parse_kexinit: \r\ndebug2: kex_parse_kexinit: first_kex_follows 0 > \r\ndebug2: kex_parse_kexinit: reserved 0 \r\ndebug2: mac_setup: setup > [email protected]\r\ndebug1: kex: server->client aes128-ctr > [email protected] [email protected]\r\ndebug2: mac_setup: setup > [email protected]\r\ndebug1: kex: client->server aes128-ctr > [email protected] [email protected]\r\ndebug1: kex: > [email protected] need=16 dh_need=16\r\ndebug1: kex: > [email protected] need=16 dh_need=16\r\ndebug1: sending > SSH2_MSG_KEX_ECDH_INIT\r\ndebug1: expecting > SSH2_MSG_KEX_ECDH_REPLY\r\ndebug1: Server host key: ECDSA > XX:XX:XX:XX:XX:XX:XX:XX:XX:XX\r\ndebug3: load_hostkeys: loading entries > for host "kronos.cac.local" from file > "/root/.ssh/known_hosts"\r\ndebug3: load_hostkeys: found > key type ECDSA in file /root/.ssh/known_hosts:13\r\ndebug3: > load_hostkeys: loaded 1 keys\r\ndebug3: load_hostkeys: loading entries > for host "192.168.76.22" from file "/root/.ssh/known_hosts"\r\ndebug3: > load_hostkeys: found key type ECDSA in file > /root/.ssh/known_hosts:3\r\ndebug3: load_hostkeys: loaded 1 > keys\r\ndebug1: Host \'kronos.cac.local\' is known and matches the ECDSA > host key.\r\ndebug1: Found key in /root/.ssh/known_hosts:13\r\ndebug1: > ssh_ecdsa_verify: signature correct\r\ndebug2: kex_derive_keys\r\ndebug2: > set_newkeys: mode 1\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: > expecting SSH2_MSG_NEWKEYS\r\ndebug2: set_newkeys: mode 0\r\ndebug1: > SSH2_MSG_NEWKEYS received\r\ndebug1: SSH2_MSG_SERVICE_REQUEST > sent\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: > SSH2_MSG_SERVICE_ACCEPT received\r\ndebug2: key: /root/.ssh/id_rsa > (0x7f6c8c9e4f30),\r\ndebug2: key: /root/.ssh/id_dsa ((nil)),\r\ndebug2: > key: /root/.ssh/id_ecdsa ((nil)),\r\ndebug2: key: /root/.ssh/id_ed25519 > ((nil)),\r\ndebug1: Authentications that can continue: > publickey,gssapi-keyex,gssapi-with-mic,password\r\ndebug3: start over, > passed a different list > publickey,gssapi-keyex,gssapi-with-mic,password\r\ndebug3: preferred > gssapi-with-mic,gssapi-keyex,hostbased,publickey\r\ndebug3: > authmethod_lookup gssapi-with-mic\r\ndebug3: > remaining preferred: gssapi-keyex,hostbased,publickey\r\ndebug3: > authmethod_is_enabled gssapi-with-mic\r\ndebug1: Next authentication > method: gssapi-with-mic\r\ndebug1: Unspecified GSS failure. Minor code > may provide more information\nNo Kerberos credentials available (default > cache: KEYRING:persistent:0)\n\r\ndebug1: Unspecified GSS failure. > Minor code may provide more information\nNo Kerberos credentials > available (default cache: KEYRING:persistent:0)\n\r\ndebug2: we did not > send a packet, disable method\r\ndebug3: authmethod_lookup > gssapi-keyex\r\ndebug3: remaining preferred: > hostbased,publickey\r\ndebug3: authmethod_is_enabled > gssapi-keyex\r\ndebug1: Next authentication method: > gssapi-keyex\r\ndebug1: No valid Key exchange context\r\ndebug2: we did > not send a packet, disable method\r\ndebug3: authmethod_lookup > publickey\r\ndebug3: remaining preferred: ,publickey\r\ndebug3: > authmethod_is_enabled publickey\r\ndebug1: Next authentication method: > publickey\r\ndebug1: Offering RSA public key: > /root/.ssh/id_rsa\r\ndebug3: send_pubkey_test\r\ndebug2: we sent a > publickey packet, wait for reply\r\ndebug1: Server accepts key: pkalg > ssh-rsa blen 279\r\ndebug2: input_userauth_pk_ok: fp > be:f1:a1:1c:0f:fb:3a:ff:f2:7a:80:8e:d9:94:7c:a0\r\ndebug3: > sign_and_send_pubkey: RSA XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX\r\ndebug1: > key_parse_private2: missing begin marker\r\ndebug1: read PEM private key > done: type RSA\r\ndebug1: Enabling compression at level 6.\r\ndebug1: > Authentication succeeded (publickey).\r\nAuthenticated to > kronos.cac.local ([192.168.76.22]:22).\r\ndebug1: setting up multiplex > master socket\r\ndebug3: muxserver_listen: temporary control path > /root/.ansible/cp/25edd394cf.zeNNJ0Eut3wdd1A6\r\ndebug2: fd 4 setting > O_NONBLOCK\r\ndebug3: fd 4 is O_NONBLOCK\r\ndebug3: fd 4 is > O_NONBLOCK\r\ndebug1: channel 0: new > [/root/.ansible/cp/25edd394cf]\r\ndebug3: muxserver_listen: mux listener > channel 0 fd 4\r\ndebug2: fd 3 setting TCP_NODELAY\r\ndebug3: > packet_set_tos: set IP_TOS 0x08\r\ndebug1: control_persist_detach: > backgrounding master process\r\ndebug2: control_persist_detach: > background process is 20385\r\ndebug2: fd 4 setting > O_NONBLOCK\r\ndebug1: forking to background\r\ndebug1: Entering > interactive session.\r\ndebug2: set_control_persist_exit_time: schedule > exit in 60 seconds\r\ndebug1: multiplexing control connection\r\ndebug2: > fd 5 setting O_NONBLOCK\r\ndebug3: fd 5 is O_NONBLOCK\r\ndebug1: channel > 1: new [mux-control]\r\ndebug3: channel_post_mux_listener: new mux > channel 1 fd 5\r\ndebug3: mux_master_read_cb: channel 1: hello > sent\r\ndebug2: set_control_persist_exit_time: cancel scheduled > exit\r\ndebug3: mux_master_read_cb: channel 1 packet type 0x00000001 len > 4\r\ndebug2: process_mux_master_hello: channel 1 slave version > 4\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: > mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: > mux_client_request_session: entering\r\ndebug3: > mux_client_request_alive: entering\r\ndebug3: mux_master_read_cb: > channel 1 packet type 0x10000004 len 4\r\ndebug2: > process_mux_alive_check: channel 1: alive check\r\ndebug3: > mux_client_request_alive: done pid = 20387\r\ndebug3: > mux_client_request_session: session request sent\r\ndebug3: > mux_master_read_cb: channel 1 packet type 0x10000002 len 91\r\ndebug2: > process_mux_new_session: channel 1: request tty 0, X 0, agent 0, subsys > 0, term "xterm", cmd "/bin/sh -c \'echo ~ && sleep 0\'", env > 1\r\ndebug3: process_mux_new_session: got fds stdin 6, stdout 7, stderr > 8\r\ndebug2: fd 7 setting O_NONBLOCK\r\ndebug2: fd 8 setting > O_NONBLOCK\r\ndebug1: channel 2: new [client-session]\r\ndebug2: > process_mux_new_session: channel_new: 2 linked to control channel > 1\r\ndebug2: channel 2: send open\r\ndebug2: callback start\r\ndebug2: > client_session2_setup: id 2\r\ndebug1: Sending environment.\r\ndebug1: > Sending env LANG = de_DE.UTF-8\r\ndebug2: channel 2: request env confirm > 0\r\ndebug1: Sending command: /bin/sh -c \'echo ~ && sleep > 0\'\r\ndebug2: channel 2: request exec confirm 1\r\ndebug3: > mux_session_confirm: sending success reply\r\ndebug2: callback > done\r\ndebug2: channel 2: open confirm rwindow 0 rmax 32768\r\ndebug1: > mux_client_request_session: master session id: 2\r\ndebug2: channel 2: > rcvd adjust 2097152\r\ndebug2: channel_input_status_confirm: > type 99 id 2\r\ndebug2: exec request accepted on channel 2\r\ndebug1: > client_input_channel_req: channel 2 rtype exit-status reply 0\r\ndebug3: > mux_exit_message: channel 2: exit message, exitval 0\r\ndebug1: > client_input_channel_req: channel 2 rtype [email protected] reply > 0\r\ndebug2: channel 2: rcvd eow\r\ndebug2: channel 2: > close_read\r\ndebug2: channel 2: input open -> closed\r\ndebug2: channel > 2: rcvd eof\r\ndebug2: channel 2: output open -> drain\r\ndebug2: > channel 2: obuf empty\r\ndebug2: channel 2: close_write\r\ndebug2: > channel 2: output drain -> closed\r\ndebug2: channel 2: rcvd > close\r\ndebug3: channel 2: will not send data after close\r\ndebug2: > channel 2: send close\r\ndebug2: channel 2: is dead\r\ndebug2: channel > 2: gc: notify user\r\ndebug3: mux_master_session_cleanup_cb: entering > for channel 2\r\ndebug2: channel 1: rcvd close\r\ndebug2: channel 1: > output open -> drain\r\ndebug2: channel 1: close_read\r\ndebug2: channel > 1: input open -> closed\r\ndebug2: channel 2: gc: user > detached\r\ndebug2: channel 2: is dead\r\ndebug2: channel 2: garbage > collecting\r\ndebug1: channel 2: free: client-session, nchannels > 3\r\ndebug3: channel 2: status: The following connections are open:\r\n > #2 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)\r\n\r\ndebug2: > channel 1: obuf empty\r\ndebug2: channel 1: close_write\r\ndebug2: > channel 1: output drain -> closed\r\ndebug2: channel 1: is dead > (local)\r\ndebug2: channel 1: gc: notify user\r\ndebug3: > mux_master_control_cleanup_cb: entering for channel 1\r\ndebug2: channel > 1: gc: user detached\r\ndebug2: channel 1: is dead (local)\r\ndebug2: > channel 1: garbage collecting\r\ndebug1: channel 1: free: mux-control, > nchannels 2\r\ndebug3: channel 1: status: The following connections are > open:\r\n\r\ndebug2: set_control_persist_exit_time: schedule exit in 60 > seconds\r\ndebug3: mux_client_read_packet: read header failed: Broken > pipe\r\ndebug2: Received exit status from master 0\r\n') > <kronos.cac.local> ESTABLISH SSH CONNECTION FOR USER: ansible > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > <kronos.cac.local> SSH: > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User=ansible) > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10) > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > <kronos.cac.local> SSH: PlayContext set ssh_extra_args: () > <kronos.cac.local> SSH: found only ControlPersist; added ControlPath: > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > <kronos.cac.local> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > ControlPath=/root/.ansible/cp/25edd394cf kronos.cac.local '/bin/sh -c > '"'"'( umask 77 && mkdir -p "` echo > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983 `" > && echo ansible-tmp-1492441677.22-196285430121983="` echo > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983 `" > ) && sleep 0'"'"'' > <kronos.cac.local> (0, > 'ansible-tmp-1492441677.22-196285430121983=/home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983\n', > 'OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading > configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config > line 56: Applying options for *\r\ndebug1: auto-mux: Trying existing > master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: > mux_client_hello_exchange: master version 4\r\ndebug3: > mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: > mux_client_request_session: entering\r\ndebug3: > mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: > done pid = > 20387\r\ndebug3: mux_client_request_session: session request > sent\r\ndebug1: mux_client_request_session: master session id: > 2\r\ndebug3: mux_client_read_packet: read header failed: Broken > pipe\r\ndebug2: Received exit status from master 0\r\n') > <kronos.cac.local> PUT /tmp/tmpuQPp6j TO > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > <kronos.cac.local> SSH: > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User=ansible) > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10) > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > <kronos.cac.local> SSH: PlayContext set sftp_extra_args: () > <kronos.cac.local> SSH: found only ControlPersist; added ControlPath: > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > <kronos.cac.local> SSH: EXEC sftp -b - -vvv -C -o ControlMaster=auto -o > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > ControlPath=/root/.ansible/cp/25edd394cf '[kronos.cac.local]' > <kronos.cac.local> (0, 'sftp> put /tmp/tmpuQPp6j > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py\n', > 'OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading > configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config > line 56: Applying options for *\r\ndebug1: auto-mux: Trying existing > master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: > mux_client_hello_exchange: master version 4\r\ndebug3: > mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: > mux_client_request_session: entering\r\ndebug3: > mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: > done pid = 20387\r\ndebug3: mux_client_request_session: session request > sent\r\ndebug1: mux_client_request_session: master session id: > 2\r\ndebug2: Remote version: 3\r\ndebug2: Server supports extension > "[email protected]" revision 1\r\ndebug2: Server supports > extension "[email protected]" revision 2\r\ndebug2: Server supports > extension "[email protected]" revision 2\r\ndebug2: Server supports > extension "[email protected]" revision 1\r\ndebug2: Server supports > extension "[email protected]" revision 1\r\ndebug3: Sent message fd 6 > T:16 I:1\r\ndebug3: SSH_FXP_REALPATH . -> /home/ansible size > 0\r\ndebug3: Looking up /tmp/tmpuQPp6j\r\ndebug3: Sent message fd 6 T:17 > I:2\r\ndebug3: Received stat reply T:101 I:2\r\ndebug1: Couldn\'t stat > remote file: No such file or directory\r\ndebug3: Sent message > SSH2_FXP_OPEN I:3 > P:/home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py\r\ndebug3: > Sent message SSH2_FXP_WRITE I:4 O:0 S:32768\r\ndebug3: SSH2_FXP_STATUS > 0\r\ndebug3: In write loop, ack for 4 32768 bytes at 0\r\ndebug3: Sent > message SSH2_FXP_WRITE I:5 O:32768 S:23147\r\ndebug3: SSH2_FXP_STATUS > 0\r\ndebug3: In write loop, ack for 5 23147 bytes at 32768\r\ndebug3: > Sent message SSH2_FXP_CLOSE I:4\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: > mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: > Received exit status from master 0\r\n') > <kronos.cac.local> ESTABLISH SSH CONNECTION FOR USER: ansible > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > <kronos.cac.local> SSH: > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User=ansible) > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10) > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > <kronos.cac.local> SSH: PlayContext set ssh_extra_args: () > <kronos.cac.local> SSH: found only ControlPersist; added ControlPath: > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > <kronos.cac.local> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > ControlPath=/root/.ansible/cp/25edd394cf kronos.cac.local '/bin/sh -c > '"'"'chmod u+x > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py > && sleep 0'"'"'' > <kronos.cac.local> (0, '', 'OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb > 2013\r\ndebug1: Reading configuration data > /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 56: Applying > options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd > 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master > version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, > 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: > mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: > done pid = 20387\r\ndebug3: mux_client_request_session: session request > sent\r\ndebug1: mux_client_request_session: master > session id: 2\r\ndebug3: mux_client_read_packet: read header failed: > Broken pipe\r\ndebug2: Received exit status from master 0\r\n') > <kronos.cac.local> ESTABLISH SSH CONNECTION FOR USER: ansible > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > <kronos.cac.local> SSH: > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: (-o)(User=ansible) > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: (-o)(ConnectTimeout=10) > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > <kronos.cac.local> SSH: PlayContext set ssh_extra_args: () > <kronos.cac.local> SSH: found only ControlPersist; added ControlPath: > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > <kronos.cac.local> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > ControlPath=/root/.ansible/cp/25edd394cf -tt kronos.cac.local '/bin/sh > -c '"'"'su -s /bin/sh root -c '"'"'"'"'"'"'"'"'/bin/sh -c > '"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'echo > BECOME-SUCCESS-anvbpadyrpgikywkipnzmenksbuoyblm; /usr/bin/python > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py; > rm -rf > "/home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/" >> /dev/null > 2>&1'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"' > && sleep 0'"'"'' > kronos.cac.local | FAILED! => { > "failed": true, > "msg": "Timeout (12s) waiting for privilege escalation prompt: " > } > > Regards > > Stefan > -- *CaC, Computer and Communication* Inhaber Stefan Klatt End-2-End Senior Network Consultant Triftstrasse 9 60528 Frankfurt Germany USt-IdNr.: DE260461592 Tel.: +49-(0)172-6807809 Tel.: +49-(0)69-67808-900 Fax: +49-(0)69-67808-837 Email: [email protected] Profil: http://www.cac-netzwerk.de/profil -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c175ba74-8caa-3a74-afb6-f8f642ffe941%40cac-netzwerk.de. For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME Cryptographic Signature
