Hi Matt, thanks for this information. Version 2.3.0.0 isn't usable for me without this function.
Other point I mentioned is Ansible ignores the host configuration for become and become_method if I don't set them at ansible.cfg. What about this? I thought a host variable overwrites default configuration variables? Should "ansible_become" and "ansible_become_methode" defined at host level overwrite "become" and "become_methode" defined at ansible.cfg? Regards Stefan Am 19.04.2017 um 22:57 schrieb Matt Martz: > This was recently resolved > in https://github.com/ansible/ansible/pull/23710 and will be included > in an eventual 2.3.1 release. > > On Wed, Apr 19, 2017 at 3:29 PM, Stefan Klatt > <[email protected] <mailto:[email protected]>> > wrote: > > Hi, > > did anybody read my message? > > Regards > > Stefan > > Am 17.04.2017 um 18:13 schrieb Stefan Klatt: > > Hi > > > > from ansible 1.9 till 2.2.2.0 on centos 7 privilege escalation works > > really fine. I could access a server with a non privileged user > and a > > ssh key authentication and use as last step the privilege escalation > > with su. > > > > But with 2.3 I found this doesn't work any more. > > The ssh connection to the server works, I see the server accepts the > > public key for user "ansible", but after this ansible tries to > do the > > privilege escalation to user root and hangs. I think it waits > for the > > password. If I start the last code manual, it asks for it as the > next step. > > > > Other point: > > Ansible ignores the host configuration for become and > become_method if I > > don't set them at ansible.cfg. > > > > Paramiko doesn't work too. I tried it, same effect. There I have > > additionally the problem that paramiko has it's own key storage and > > stops (no input possible to the quest if want to add the key) if > the key > > is not there (I know the option "host_key_auto_add"). > > I think the handling should be optimized. > > > > ansible.cfg (all other options after this are remarked): > > > > [privilege_escalation] > > become=True > > #become_method=sudo > > become_method=su > > #become_user=root > > #become_ask_pass=False > > > > host configuration: > > > > ansible_become: yes > > ansible_become_user: root > > ansible_become_pass: XXXXX > > ansible_become_methode: su > > ansible_connection: ssh > > > > > > here the logs: > > > > [root@ansible host_vars]# ansible kronos.cac.local -m ping -vvvvv > > Using /etc/ansible/ansible.cfg as config file > > Loading callback plugin minimal of type stdout, v2.0 from > > > /usr/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc > > META: ran handlers > > Using module file > > /usr/lib/python2.7/site-packages/ansible/modules/system/ping.py > > <kronos.cac.local> ESTABLISH SSH CONNECTION FOR USER: ansible > > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > > > > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > > <kronos.cac.local> SSH: > > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: > (-o)(User=ansible) > > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: > (-o)(ConnectTimeout=10) > > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > > <kronos.cac.local> SSH: PlayContext set ssh_extra_args: () > > <kronos.cac.local> SSH: found only ControlPersist; added > ControlPath: > > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > > <kronos.cac.local> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > > > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > > ControlPath=/root/.ansible/cp/25edd394cf kronos.cac.local > '/bin/sh -c > > '"'"'echo ~ && sleep 0'"'"'' > > <kronos.cac.local> (0, '/home/ansible\n', 'OpenSSH_6.6.1, OpenSSL > > 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading configuration data > > /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 56: Applying > > options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: > > Control socket "/root/.ansible/cp/25edd394cf" does not > exist\r\ndebug2: > > ssh_connect: needpriv 0\r\ndebug1: Connecting to kronos.cac.local > > [192.168.76.22] port 22.\r\ndebug2: fd 3 setting > O_NONBLOCK\r\ndebug1: > > fd 3 clearing O_NONBLOCK\r\ndebug1: Connection > established.\r\ndebug3: > > timeout: 10000 ms remain after connect\r\ndebug1: > permanently_set_uid: > > 0/0\r\ndebug3: Incorrect RSA1 identifier\r\ndebug3: Could not load > > "/root/.ssh/id_rsa" as a RSA1 public key\r\ndebug1: identity file > > /root/.ssh/id_rsa type 1\r\ndebug1: > > identity file /root/.ssh/id_rsa-cert type -1\r\ndebug1: identity > file > > /root/.ssh/id_dsa type -1\r\ndebug1: identity file > > /root/.ssh/id_dsa-cert type -1\r\ndebug1: identity file > > /root/.ssh/id_ecdsa type -1\r\ndebug1: identity file > > /root/.ssh/id_ecdsa-cert type -1\r\ndebug1: identity file > > /root/.ssh/id_ed25519 type -1\r\ndebug1: identity file > > /root/.ssh/id_ed25519-cert type -1\r\ndebug1: Enabling compatibility > > mode for protocol 2.0\r\ndebug1: Local version string > > SSH-2.0-OpenSSH_6.6.1\r\ndebug1: Remote protocol version 2.0, remote > > software version OpenSSH_6.6.1\r\ndebug1: match: OpenSSH_6.6.1 pat > > OpenSSH_6.6.1* compat 0x04000000\r\ndebug2: fd 3 setting > > O_NONBLOCK\r\ndebug3: load_hostkeys: loading entries for host > > "kronos.cac.local" from file "/root/.ssh/known_hosts"\r\ndebug3: > > load_hostkeys: found key type ECDSA in file > > /root/.ssh/known_hosts:13\r\ndebug3: load_hostkeys: loaded 1 > > keys\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: > > [email protected] > > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521\r\ndebug1: > > SSH2_MSG_KEXINIT sent\r\ndebug1: SSH2_MSG_KEXINIT > received\r\ndebug2: > > kex_parse_kexinit: > > [email protected] > > <mailto:[email protected]>,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: > > kex_parse_kexinit: > > [email protected] > > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,ssh-ed25519,ssh-rsa,ssh-dss\r\ndebug2: > > kex_parse_kexinit: > > > > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] > <mailto:[email protected]>\r\ndebug2: > > kex_parse_kexinit: > > > > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] > <mailto:[email protected]>\r\ndebug2: > > kex_parse_kexinit: > > [email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,hmac-md5,hmac-sha1,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected] > <mailto:[email protected]>,hmac-sha1-96,hmac-md5-96\r\ndebug2: > > kex_parse_kexinit: > > [email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,hmac-md5,hmac-sha1,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected] > <mailto:[email protected]>,hmac-sha1-96,hmac-md5-96\r\ndebug2: > > kex_parse_kexinit: [email protected] > <mailto:[email protected]>,zlib,none\r\ndebug2: > > kex_parse_kexinit: [email protected] > <mailto:[email protected]>,zlib,none\r\ndebug2: > > kex_parse_kexinit: \r\ndebug2: kex_parse_kexinit: \r\ndebug2: > > kex_parse_kexinit: first_kex_follows 0 \r\ndebug2: > kex_parse_kexinit: > > reserved 0 \r\ndebug2: kex_parse_kexinit: > > [email protected] > > <mailto:[email protected]>,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\r\ndebug2: > > kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256\r\ndebug2: > > kex_parse_kexinit: > > > > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] > <mailto:[email protected]>\r\ndebug2: > > kex_parse_kexinit: > > > > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] > <mailto:[email protected]>\r\ndebug2: > > kex_parse_kexinit: > > [email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,hmac-md5,hmac-sha1,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected] > <mailto:[email protected]>,hmac-sha1-96,hmac-md5-96\r\ndebug2: > > kex_parse_kexinit: > > [email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,hmac-md5,hmac-sha1,[email protected] > <mailto:[email protected]>,[email protected] > > <mailto:[email protected]>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[email protected] > <mailto:[email protected]>,hmac-sha1-96,hmac-md5-96\r\ndebug2: > > kex_parse_kexinit: none,[email protected] > <mailto:[email protected]>\r\ndebug2: kex_parse_kexinit: > > none,[email protected] <mailto:[email protected]>\r\ndebug2: > kex_parse_kexinit: \r\ndebug2: > > kex_parse_kexinit: \r\ndebug2: kex_parse_kexinit: > first_kex_follows 0 > > \r\ndebug2: kex_parse_kexinit: reserved 0 \r\ndebug2: mac_setup: > setup > > [email protected] > <mailto:[email protected]>\r\ndebug1: kex: server->client > aes128-ctr > > [email protected] <mailto:[email protected]> > [email protected] <mailto:[email protected]>\r\ndebug2: mac_setup: setup > > [email protected] > <mailto:[email protected]>\r\ndebug1: kex: client->server > aes128-ctr > > [email protected] <mailto:[email protected]> > [email protected] <mailto:[email protected]>\r\ndebug1: kex: > > [email protected] > <mailto:[email protected]> need=16 > dh_need=16\r\ndebug1: kex: > > [email protected] > <mailto:[email protected]> need=16 > dh_need=16\r\ndebug1: sending > > SSH2_MSG_KEX_ECDH_INIT\r\ndebug1: expecting > > SSH2_MSG_KEX_ECDH_REPLY\r\ndebug1: Server host key: ECDSA > > XX:XX:XX:XX:XX:XX:XX:XX:XX:XX\r\ndebug3: load_hostkeys: loading > entries > > for host "kronos.cac.local" from file > > "/root/.ssh/known_hosts"\r\ndebug3: load_hostkeys: found > > key type ECDSA in file /root/.ssh/known_hosts:13\r\ndebug3: > > load_hostkeys: loaded 1 keys\r\ndebug3: load_hostkeys: loading > entries > > for host "192.168.76.22" from file > "/root/.ssh/known_hosts"\r\ndebug3: > > load_hostkeys: found key type ECDSA in file > > /root/.ssh/known_hosts:3\r\ndebug3: load_hostkeys: loaded 1 > > keys\r\ndebug1: Host \'kronos.cac.local\' is known and matches > the ECDSA > > host key.\r\ndebug1: Found key in > /root/.ssh/known_hosts:13\r\ndebug1: > > ssh_ecdsa_verify: signature correct\r\ndebug2: > kex_derive_keys\r\ndebug2: > > set_newkeys: mode 1\r\ndebug1: SSH2_MSG_NEWKEYS sent\r\ndebug1: > > expecting SSH2_MSG_NEWKEYS\r\ndebug2: set_newkeys: mode 0\r\ndebug1: > > SSH2_MSG_NEWKEYS received\r\ndebug1: SSH2_MSG_SERVICE_REQUEST > > sent\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: > > SSH2_MSG_SERVICE_ACCEPT received\r\ndebug2: key: /root/.ssh/id_rsa > > (0x7f6c8c9e4f30),\r\ndebug2: key: /root/.ssh/id_dsa > ((nil)),\r\ndebug2: > > key: /root/.ssh/id_ecdsa ((nil)),\r\ndebug2: key: > /root/.ssh/id_ed25519 > > ((nil)),\r\ndebug1: Authentications that can continue: > > publickey,gssapi-keyex,gssapi-with-mic,password\r\ndebug3: start > over, > > passed a different list > > publickey,gssapi-keyex,gssapi-with-mic,password\r\ndebug3: preferred > > gssapi-with-mic,gssapi-keyex,hostbased,publickey\r\ndebug3: > > authmethod_lookup gssapi-with-mic\r\ndebug3: > > remaining preferred: gssapi-keyex,hostbased,publickey\r\ndebug3: > > authmethod_is_enabled gssapi-with-mic\r\ndebug1: Next authentication > > method: gssapi-with-mic\r\ndebug1: Unspecified GSS failure. > Minor code > > may provide more information\nNo Kerberos credentials available > (default > > cache: KEYRING:persistent:0)\n\r\ndebug1: Unspecified GSS failure. > > Minor code may provide more information\nNo Kerberos credentials > > available (default cache: KEYRING:persistent:0)\n\r\ndebug2: we > did not > > send a packet, disable method\r\ndebug3: authmethod_lookup > > gssapi-keyex\r\ndebug3: remaining preferred: > > hostbased,publickey\r\ndebug3: authmethod_is_enabled > > gssapi-keyex\r\ndebug1: Next authentication method: > > gssapi-keyex\r\ndebug1: No valid Key exchange context\r\ndebug2: > we did > > not send a packet, disable method\r\ndebug3: authmethod_lookup > > publickey\r\ndebug3: remaining preferred: ,publickey\r\ndebug3: > > authmethod_is_enabled publickey\r\ndebug1: Next authentication > method: > > publickey\r\ndebug1: Offering RSA public key: > > /root/.ssh/id_rsa\r\ndebug3: send_pubkey_test\r\ndebug2: we sent a > > publickey packet, wait for reply\r\ndebug1: Server accepts key: > pkalg > > ssh-rsa blen 279\r\ndebug2: input_userauth_pk_ok: fp > > be:f1:a1:1c:0f:fb:3a:ff:f2:7a:80:8e:d9:94:7c:a0\r\ndebug3: > > sign_and_send_pubkey: RSA > XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX\r\ndebug1: > > key_parse_private2: missing begin marker\r\ndebug1: read PEM > private key > > done: type RSA\r\ndebug1: Enabling compression at level > 6.\r\ndebug1: > > Authentication succeeded (publickey).\r\nAuthenticated to > > kronos.cac.local ([192.168.76.22]:22).\r\ndebug1: setting up > multiplex > > master socket\r\ndebug3: muxserver_listen: temporary control path > > /root/.ansible/cp/25edd394cf.zeNNJ0Eut3wdd1A6\r\ndebug2: fd 4 > setting > > O_NONBLOCK\r\ndebug3: fd 4 is O_NONBLOCK\r\ndebug3: fd 4 is > > O_NONBLOCK\r\ndebug1: channel 0: new > > [/root/.ansible/cp/25edd394cf]\r\ndebug3: muxserver_listen: mux > listener > > channel 0 fd 4\r\ndebug2: fd 3 setting TCP_NODELAY\r\ndebug3: > > packet_set_tos: set IP_TOS 0x08\r\ndebug1: control_persist_detach: > > backgrounding master process\r\ndebug2: control_persist_detach: > > background process is 20385\r\ndebug2: fd 4 setting > > O_NONBLOCK\r\ndebug1: forking to background\r\ndebug1: Entering > > interactive session.\r\ndebug2: set_control_persist_exit_time: > schedule > > exit in 60 seconds\r\ndebug1: multiplexing control > connection\r\ndebug2: > > fd 5 setting O_NONBLOCK\r\ndebug3: fd 5 is O_NONBLOCK\r\ndebug1: > channel > > 1: new [mux-control]\r\ndebug3: channel_post_mux_listener: new mux > > channel 1 fd 5\r\ndebug3: mux_master_read_cb: channel 1: hello > > sent\r\ndebug2: set_control_persist_exit_time: cancel scheduled > > exit\r\ndebug3: mux_master_read_cb: channel 1 packet type > 0x00000001 len > > 4\r\ndebug2: process_mux_master_hello: channel 1 slave version > > 4\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: > > mux_client_forwards: request forwardings: 0 local, 0 > remote\r\ndebug3: > > mux_client_request_session: entering\r\ndebug3: > > mux_client_request_alive: entering\r\ndebug3: mux_master_read_cb: > > channel 1 packet type 0x10000004 len 4\r\ndebug2: > > process_mux_alive_check: channel 1: alive check\r\ndebug3: > > mux_client_request_alive: done pid = 20387\r\ndebug3: > > mux_client_request_session: session request sent\r\ndebug3: > > mux_master_read_cb: channel 1 packet type 0x10000002 len > 91\r\ndebug2: > > process_mux_new_session: channel 1: request tty 0, X 0, agent 0, > subsys > > 0, term "xterm", cmd "/bin/sh -c \'echo ~ && sleep 0\'", env > > 1\r\ndebug3: process_mux_new_session: got fds stdin 6, stdout 7, > stderr > > 8\r\ndebug2: fd 7 setting O_NONBLOCK\r\ndebug2: fd 8 setting > > O_NONBLOCK\r\ndebug1: channel 2: new [client-session]\r\ndebug2: > > process_mux_new_session: channel_new: 2 linked to control channel > > 1\r\ndebug2: channel 2: send open\r\ndebug2: callback > start\r\ndebug2: > > client_session2_setup: id 2\r\ndebug1: Sending > environment.\r\ndebug1: > > Sending env LANG = de_DE.UTF-8\r\ndebug2: channel 2: request env > confirm > > 0\r\ndebug1: Sending command: /bin/sh -c \'echo ~ && sleep > > 0\'\r\ndebug2: channel 2: request exec confirm 1\r\ndebug3: > > mux_session_confirm: sending success reply\r\ndebug2: callback > > done\r\ndebug2: channel 2: open confirm rwindow 0 rmax > 32768\r\ndebug1: > > mux_client_request_session: master session id: 2\r\ndebug2: > channel 2: > > rcvd adjust 2097152\r\ndebug2: channel_input_status_confirm: > > type 99 id 2\r\ndebug2: exec request accepted on channel > 2\r\ndebug1: > > client_input_channel_req: channel 2 rtype exit-status reply > 0\r\ndebug3: > > mux_exit_message: channel 2: exit message, exitval 0\r\ndebug1: > > client_input_channel_req: channel 2 rtype [email protected] > <mailto:[email protected]> reply > > 0\r\ndebug2: channel 2: rcvd eow\r\ndebug2: channel 2: > > close_read\r\ndebug2: channel 2: input open -> closed\r\ndebug2: > channel > > 2: rcvd eof\r\ndebug2: channel 2: output open -> drain\r\ndebug2: > > channel 2: obuf empty\r\ndebug2: channel 2: close_write\r\ndebug2: > > channel 2: output drain -> closed\r\ndebug2: channel 2: rcvd > > close\r\ndebug3: channel 2: will not send data after > close\r\ndebug2: > > channel 2: send close\r\ndebug2: channel 2: is dead\r\ndebug2: > channel > > 2: gc: notify user\r\ndebug3: mux_master_session_cleanup_cb: > entering > > for channel 2\r\ndebug2: channel 1: rcvd close\r\ndebug2: channel 1: > > output open -> drain\r\ndebug2: channel 1: close_read\r\ndebug2: > channel > > 1: input open -> closed\r\ndebug2: channel 2: gc: user > > detached\r\ndebug2: channel 2: is dead\r\ndebug2: channel 2: garbage > > collecting\r\ndebug1: channel 2: free: client-session, nchannels > > 3\r\ndebug3: channel 2: status: The following connections are > open:\r\n > > #2 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)\r\n\r\ndebug2: > > channel 1: obuf empty\r\ndebug2: channel 1: close_write\r\ndebug2: > > channel 1: output drain -> closed\r\ndebug2: channel 1: is dead > > (local)\r\ndebug2: channel 1: gc: notify user\r\ndebug3: > > mux_master_control_cleanup_cb: entering for channel 1\r\ndebug2: > channel > > 1: gc: user detached\r\ndebug2: channel 1: is dead > (local)\r\ndebug2: > > channel 1: garbage collecting\r\ndebug1: channel 1: free: > mux-control, > > nchannels 2\r\ndebug3: channel 1: status: The following > connections are > > open:\r\n\r\ndebug2: set_control_persist_exit_time: schedule > exit in 60 > > seconds\r\ndebug3: mux_client_read_packet: read header failed: > Broken > > pipe\r\ndebug2: Received exit status from master 0\r\n') > > <kronos.cac.local> ESTABLISH SSH CONNECTION FOR USER: ansible > > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > > > > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > > <kronos.cac.local> SSH: > > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: > (-o)(User=ansible) > > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: > (-o)(ConnectTimeout=10) > > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > > <kronos.cac.local> SSH: PlayContext set ssh_extra_args: () > > <kronos.cac.local> SSH: found only ControlPersist; added > ControlPath: > > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > > <kronos.cac.local> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > > > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > > ControlPath=/root/.ansible/cp/25edd394cf kronos.cac.local > '/bin/sh -c > > '"'"'( umask 77 && mkdir -p "` echo > > > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983 > `" > > && echo ansible-tmp-1492441677.22-196285430121983="` echo > > > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983 > `" > > ) && sleep 0'"'"'' > > <kronos.cac.local> (0, > > > > 'ansible-tmp-1492441677.22-196285430121983=/home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983\n', > > 'OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading > > configuration data /etc/ssh/ssh_config\r\ndebug1: > /etc/ssh/ssh_config > > line 56: Applying options for *\r\ndebug1: auto-mux: Trying existing > > master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: > > mux_client_hello_exchange: master version 4\r\ndebug3: > > mux_client_forwards: request forwardings: 0 local, 0 > remote\r\ndebug3: > > mux_client_request_session: entering\r\ndebug3: > > mux_client_request_alive: entering\r\ndebug3: > mux_client_request_alive: > > done pid = > > 20387\r\ndebug3: mux_client_request_session: session request > > sent\r\ndebug1: mux_client_request_session: master session id: > > 2\r\ndebug3: mux_client_read_packet: read header failed: Broken > > pipe\r\ndebug2: Received exit status from master 0\r\n') > > <kronos.cac.local> PUT /tmp/tmpuQPp6j TO > > > > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py > > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > > > > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > > <kronos.cac.local> SSH: > > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: > (-o)(User=ansible) > > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: > (-o)(ConnectTimeout=10) > > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > > <kronos.cac.local> SSH: PlayContext set sftp_extra_args: () > > <kronos.cac.local> SSH: found only ControlPersist; added > ControlPath: > > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > > <kronos.cac.local> SSH: EXEC sftp -b - -vvv -C -o > ControlMaster=auto -o > > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > > > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > > ControlPath=/root/.ansible/cp/25edd394cf '[kronos.cac.local]' > > <kronos.cac.local> (0, 'sftp> put /tmp/tmpuQPp6j > > > > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py\n', > > 'OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013\r\ndebug1: Reading > > configuration data /etc/ssh/ssh_config\r\ndebug1: > /etc/ssh/ssh_config > > line 56: Applying options for *\r\ndebug1: auto-mux: Trying existing > > master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: > > mux_client_hello_exchange: master version 4\r\ndebug3: > > mux_client_forwards: request forwardings: 0 local, 0 > remote\r\ndebug3: > > mux_client_request_session: entering\r\ndebug3: > > mux_client_request_alive: entering\r\ndebug3: > mux_client_request_alive: > > done pid = 20387\r\ndebug3: mux_client_request_session: session > request > > sent\r\ndebug1: mux_client_request_session: master session id: > > 2\r\ndebug2: Remote version: 3\r\ndebug2: Server supports extension > > "[email protected] <mailto:[email protected]>" > revision 1\r\ndebug2: Server supports > > extension "[email protected] <mailto:[email protected]>" > revision 2\r\ndebug2: Server supports > > extension "[email protected] <mailto:[email protected]>" > revision 2\r\ndebug2: Server supports > > extension "[email protected] <mailto:[email protected]>" > revision 1\r\ndebug2: Server supports > > extension "[email protected] <mailto:[email protected]>" > revision 1\r\ndebug3: Sent message fd 6 > > T:16 I:1\r\ndebug3: SSH_FXP_REALPATH . -> /home/ansible size > > 0\r\ndebug3: Looking up /tmp/tmpuQPp6j\r\ndebug3: Sent message > fd 6 T:17 > > I:2\r\ndebug3: Received stat reply T:101 I:2\r\ndebug1: > Couldn\'t stat > > remote file: No such file or directory\r\ndebug3: Sent message > > SSH2_FXP_OPEN I:3 > > > > P:/home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py\r\ndebug3: > > Sent message SSH2_FXP_WRITE I:4 O:0 S:32768\r\ndebug3: > SSH2_FXP_STATUS > > 0\r\ndebug3: In write loop, ack for 4 32768 bytes at > 0\r\ndebug3: Sent > > message SSH2_FXP_WRITE I:5 O:32768 S:23147\r\ndebug3: > SSH2_FXP_STATUS > > 0\r\ndebug3: In write loop, ack for 5 23147 bytes at > 32768\r\ndebug3: > > Sent message SSH2_FXP_CLOSE I:4\r\ndebug3: SSH2_FXP_STATUS > 0\r\ndebug3: > > mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: > > Received exit status from master 0\r\n') > > <kronos.cac.local> ESTABLISH SSH CONNECTION FOR USER: ansible > > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > > > > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > > <kronos.cac.local> SSH: > > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: > (-o)(User=ansible) > > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: > (-o)(ConnectTimeout=10) > > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > > <kronos.cac.local> SSH: PlayContext set ssh_extra_args: () > > <kronos.cac.local> SSH: found only ControlPersist; added > ControlPath: > > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > > <kronos.cac.local> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > > > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > > ControlPath=/root/.ansible/cp/25edd394cf kronos.cac.local > '/bin/sh -c > > '"'"'chmod u+x > > > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ > > > > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py > > && sleep 0'"'"'' > > <kronos.cac.local> (0, '', 'OpenSSH_6.6.1, OpenSSL 1.0.1e-fips > 11 Feb > > 2013\r\ndebug1: Reading configuration data > > /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 56: Applying > > options for *\r\ndebug1: auto-mux: Trying existing > master\r\ndebug2: fd > > 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master > > version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 > local, > > 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: > > mux_client_request_alive: entering\r\ndebug3: > mux_client_request_alive: > > done pid = 20387\r\ndebug3: mux_client_request_session: session > request > > sent\r\ndebug1: mux_client_request_session: master > > session id: 2\r\ndebug3: mux_client_read_packet: read header failed: > > Broken pipe\r\ndebug2: Received exit status from master 0\r\n') > > <kronos.cac.local> ESTABLISH SSH CONNECTION FOR USER: ansible > > <kronos.cac.local> SSH: ansible.cfg set ssh_args: > > (-C)(-o)(ControlMaster=auto)(-o)(ControlPersist=60s) > > <kronos.cac.local> SSH: ansible_password/ansible_ssh_pass not set: > > > > (-o)(KbdInteractiveAuthentication=no)(-o)(PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey)(-o)(PasswordAuthentication=no) > > <kronos.cac.local> SSH: > > ANSIBLE_REMOTE_USER/remote_user/ansible_user/user/-u set: > (-o)(User=ansible) > > <kronos.cac.local> SSH: ANSIBLE_TIMEOUT/timeout set: > (-o)(ConnectTimeout=10) > > <kronos.cac.local> SSH: PlayContext set ssh_common_args: () > > <kronos.cac.local> SSH: PlayContext set ssh_extra_args: () > > <kronos.cac.local> SSH: found only ControlPersist; added > ControlPath: > > (-o)(ControlPath=/root/.ansible/cp/25edd394cf) > > <kronos.cac.local> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o > > ControlPersist=60s -o KbdInteractiveAuthentication=no -o > > > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=10 -o > > ControlPath=/root/.ansible/cp/25edd394cf -tt kronos.cac.local > '/bin/sh > > -c '"'"'su -s /bin/sh root -c '"'"'"'"'"'"'"'"'/bin/sh -c > > '"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'echo > > BECOME-SUCCESS-anvbpadyrpgikywkipnzmenksbuoyblm; /usr/bin/python > > > > /home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/ping.py; > > rm -rf > > > "/home/ansible/.ansible/tmp/ansible-tmp-1492441677.22-196285430121983/" > >> /dev/null > > > 2>&1'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"' > > && sleep 0'"'"'' > > kronos.cac.local | FAILED! => { > > "failed": true, > > "msg": "Timeout (12s) waiting for privilege escalation prompt: " > > } > > > > Regards > > > > Stefan > > > > -- > *CaC, Computer and Communication* > Inhaber Stefan Klatt > End-2-End Senior Network Consultant > Triftstrasse 9 > 60528 Frankfurt > Germany > USt-IdNr.: DE260461592 > > Tel.: +49-(0)172-6807809 > Tel.: +49-(0)69-67808-900 > Fax: +49-(0)69-67808-837 > Email: [email protected] > <mailto:[email protected]> > Profil: http://www.cac-netzwerk.de/profil > <http://www.cac-netzwerk.de/profil> > > -- > You received this message because you are subscribed to the Google > Groups "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, > send an email to [email protected] > <mailto:ansible-project%[email protected]>. > To post to this group, send email to > [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > > https://groups.google.com/d/msgid/ansible-project/c175ba74-8caa-3a74-afb6-f8f642ffe941%40cac-netzwerk.de > > <https://groups.google.com/d/msgid/ansible-project/c175ba74-8caa-3a74-afb6-f8f642ffe941%40cac-netzwerk.de>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. > > > > > -- > Matt Martz > @sivel > sivel.net <http://sivel.net> > -- > You received this message because you are subscribed to the Google > Groups "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected] > <mailto:[email protected]>. > To post to this group, send email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CAD8N0v_v%2B7gnE4dZzqShQ31pdPMDkN9%3DR2ewVCMu_OYAsfnrsQ%40mail.gmail.com > <https://groups.google.com/d/msgid/ansible-project/CAD8N0v_v%2B7gnE4dZzqShQ31pdPMDkN9%3DR2ewVCMu_OYAsfnrsQ%40mail.gmail.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout. -- *CaC, Computer and Communication* Inhaber Stefan Klatt End-2-End Senior Network Consultant Triftstrasse 9 60528 Frankfurt Germany USt-IdNr.: DE260461592 Tel.: +49-(0)172-6807809 Tel.: +49-(0)69-67808-900 Fax: +49-(0)69-67808-837 Email: [email protected] Profil: http://www.cac-netzwerk.de/profil -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/f7c0f8e1-bb7d-908b-aa2e-48ddbcaccb4e%40cac-netzwerk.de. For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME Cryptographic Signature
