I have a ansible-playbook that has gather_facts set to true. But it fails to get the uid. Here is the error I am getting:
TASK [Gathering Facts] **************************************************************************************************************************************************************
The full traceback is:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 144, in run
res = self._execute()
File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 516, in _execute
self._play_context = self._play_context.set_task_and_variable_override(task=self._task, variables=variables, templar=templar)
File "/usr/lib/python2.7/site-packages/ansible/playbook/play_context.py", line 335, in set_task_and_variable_override
new_info.remote_user = pwd.getpwuid(os.getuid()).pw_name
KeyError: 'getpwuid(): uid not found: 1001'
fatal: [localhost]: FAILED! => {
"msg": "Unexpected failure during module execution.",
"stdout": ""
}
Now, the 1001 uid is present in the setup:
$ echo $UID
1001
I am running this inside a container, could that be an issue? Any pointers to help debug this are appreciated. TIA.
I am running this inside a container, could that be an issue?
While that doesn't automatically make it a problem, it is perhaps relevant since you can more easily execute a process as an arbitrary UID inside a docker container. You don't typically see that problem on a virtual machine because in order to run anything on the virtual host, you have to actually be authenticated first, which almost always involves looking up all kinds of user information in /etc/passwd. However, there is usually no "login" process for a container, since it is just Linux namespace trickery
You can try it yourself by running docker run --rm -u 12345 ubuntu:18.04 id -a and observe uid=12345 gid=0(root) groups=0(root) but there is no entry in /etc/passwd for UID 12345 (notice the missing (something) after the uid= result)
2 solutions:
- hosts: all
gather_facts: no
or
ansible_test:
image: docker.io/major/ansible:fedora29
script:
- echo "tempuser:x:$(id -u):$(id -g):,,,:${HOME}:/bin/bash" >> /etc/passwd
- echo "tempuser:x:$(id -G | cut -d' ' -f 2)" >> /etc/group
- id
- ansible-playbook -i hosts playbook.yml
https://major.io/2019/03/22/running-ansible-in-openshift-with-arbitrary-uids/
Related
Using ansible i am logging in as LDAP user and then sudo/becoming the 'db2inst1' user to run some commands. The adhoc mode runs fine but if I try things using a playbooks I get an error that means I need to add the user to the sudoers files.
This works fine. (i had to edit some things out :) )
ansible all -i ftest.lst -e ansible_user=user#a.com -e "ansible_ssh_pass={{pass}}" -e "ansible_become_pass={{test_user}}" -e "#pass.yml" --vpas vault -a ". /home/db2inst1/sqllib/db2profile;db2pd -hadr -alldbs;whoami" -m raw -b --become-user=db2inst1
But connecting to the same box and using a playbook i get issues.
ansible-playbook -i ftest.lst -e target=test -e ansible_user=user#a.com -e "ansible_ssh_pass={{pass}}" -e "ansible_become_pass={{test_user}}" -e "#pass.yml" --vpas vault test.yml
The test.yml has
become: true
& become_user: "{{ instance }}"
with the instance = db2inst1 being passed it.
This spits out...
fatal: [hostname123.a]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "module_stderr": "Shared connection to hostname123.a closed.\r\n", "module_stdout": "\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}z
I am new to Ansible and I cannot solve an error: I use the ansible.builtin.shell to call the pcs utility (Pacemaker). The pcs is installed on the remote machine, and I can use it when I ssh that machine, but Ansible reports a 'command not found' error with error code 127.
Here is my inventory.yml:
---
all:
children:
centos7:
hosts:
UVMEL7:
ansible_host: UVMEL7
Here is my play-book, TestPcs.yaml:
---
- name: Test the execution of pcs command
hosts: UVMEL7
tasks:
- name: Call echo
ansible.builtin.shell: echo
- name: pcs
ansible.builtin.shell: pcs
Note: I also used the echo command to verify that I am corectly using ansible.builtin.shell.
I launch my play-book with: ansible-playbook -i inventory.yml TestPcs.yaml --user=traite
And I get this result:
PLAY [Test the execution of pcs command] *****************************************************************************************************************************************************************************************************
TASK [Gathering Facts] ***********************************************************************************************************************************************************************************************************************
ok: [UVMEL7]
TASK [Call echo] *****************************************************************************************************************************************************************************************************************************
changed: [UVMEL7]
TASK [pcs] ***********************************************************************************************************************************************************************************************************************************
fatal: [UVMEL7]: FAILED! => {"changed": true, "cmd": "pcs", "delta": "0:00:00.003490", "end": "2022-03-10 15:02:17.418475", "msg": "non-zero return code", "rc": 127, "start": "2022-03-10 15:02:17.414985", "stderr": "/bin/sh: pcs : commande introuvable", "stderr_lines": ["/bin/sh: pcs : commande introuvable"], "stdout": "", "stdout_lines": []}
PLAY RECAP ***********************************************************************************************************************************************************************************************************************************
UVMEL7 : ok=2 changed=1 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
The pcs command is failing and in stderr, there is a 'command not found' error.
On the other and, when I ssh the machine and run pcs command, the command is executed and returns 1 which is different from 127. It is normal that pcs returns an error: I simplified the test case to the strict minimum to keep my question short.
I expect Ansible to have the same behavior: Error on pcs with return code 1.
Here is what I did to simulate what Ansible does (Based on remarks by #Zeitounator): ssh <user>#<machine> '/bin/bash -c "echo $PATH"'
I get my default PATH as explained in the manual page of bash. In my system sh links to bash.
I see that /etc/profile does the path manipulation that I need. However, it seems that because of the option -c, the bash is not started as login shell and therefore etc/profile is not sourced.
I end up doing the job manually:
---
- name: Test the execution of pcs command
hosts: UVMEL7
tasks:
- name: Call echo
ansible.builtin.shell: echo
- name: pcs
ansible.builtin.shell: source /etc/profile && pcs
Which executes pcs as expected.
To sum up, my executable was not executed because the folder holding it was not listed in my PATH environment variable. This was due to the fact that /bin/sh aka /bin/bash was called with the flag -c which prevents sourcing /etc/profile and other configuration files. The issue was 'solved' by sourcing manually the configuration file that correctly sets the PATH environment variable.
This is from a galaxy role (ashwin_sid.gaia_fw1) that I'm trying to implement.
Ansible version is 2.8.4
As part of the playbook it logs in, runs a show command. The output is then supposed to go to "BACKUP", but it throws this error: "The module file was not found in configured module paths. Additionally, core modules are missing".
This is the playbook:
serial: 1
gather_facts: no
tasks:
- name: BACKUP
import_role:
name: ashwin_sid.gaia_fw1
tasks_from: backup'
I think this where it breaks, where it references this file:
'- name: create dir
local_action: file path=={{ logdir | default('../BACKUP') }}/{{ r0.stdout }} state=directory'
This is the task with the error in verbose mode.
TASK [ashwin_sid.gaia_fw1 : create dir] ****************************************************************************************************************************************************************
task path: /app/sandbox/playbooks/ashwin_sid.gaia_fw1/tasks/backup.yml:23
<localhost> ESTABLISH LOCAL CONNECTION FOR USER: xxxxx
<localhost> EXEC /bin/sh -c 'echo ~xxxxx && sleep 0'
<localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/xxxxx/.ansible/tmp/ansible-tmp-1569528903.45-71335581192935 `" && echo ansible-tmp-1569528903.45-71335581192935="` echo /home/xxxxx/.ansible/tmp/ansible-tmp-1569528903.45-71335581192935 `" ) && sleep 0'
fatal: [lab_B]: FAILED! => {
"msg": "The module file was not found in configured module paths. Additionally, core modules are missing. If this is a checkout, run 'git pull --rebase' to correct this problem."
}
I'm not sure what other information to provide?
I've created the "BACKUP" directory. I don't think it's a permissions issue. It logs in fine and I think it runs the command it just can't write?
You have an extra space in your playbook:
"local_action: file path=={{"
should be :
"local_action: file path=={{
The error shows an extra space after stating module not found:
'"msg": "The module file was not found...'
After removing that space, it should work for you.
My ansible command fails with error as below:
$ ansible all -i /tmp/myhosts -m shell -a 'uname -a' -u user1 -k
SSH password:
host1.mycomp.com | FAILED! => {
"changed": false,
"module_stderr": "",
"module_stdout": " File \"/home/user1/.ansible/tmp/ansible-tmp-1556597037.27-168849792658772/AnsiballZ_command.py\", line 39\r\n with open(module, 'wb') as f:\r\n ^\r\nSyntaxError: invalid syntax\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
I do not know how to See stdout/stderr from single command line. Any suggestion how to view std out/err would be great.
$ more /tmp/myhosts
[mybox]
host1.mycomp.com
[dev]
host1.mycomp.com
[allserver:children]
mybox
dev
[allserver:vars]
variable=somestring
/tmp/hosts has good permissions.
I'm also able to ssh to the target server using the userid
$ ssh user1#host1.mycomp.com
Password:
Last login: Tue Apr 30 00:03:57 2019 from 10.123.235.126
$ hostname
host1
ansible --version
2.7.1
Can you please help me overcome the error ?
I am currently running ansible 2.7 and I have the following playbook
info.yaml
---
- hosts: routers
gather_facts: true
tasks:
- name: show run
ios_command:
commands:
- show running-config
register: config
I have the following inventory file:
[local]
127.0.0.1 ansible_connection=local
[routers]
LAB-RTR-1
LAB-RTR-2
[routers:vars]
ansible_ssh_user= {{ cisco_user }}
ansible_ssh_pass= {{ cisco_pass }}
ansible_network_os=ios
ansible_connection=network_cli
ansible_become = yes
ansible_become_method = enable
anisble_become_pass = {{ auth_pass }}
Have the following in the vault
cisco_user: “admin”
cisco_pass: “password123”
auth_pass: “password123”
When i try to run this via cli like this:
ansible-playbook info.yaml --ask-vault-pass -vvv
I keep getting the following errors for some reason, and i can’t figure this out. I’ve been going crazy on this for the last few hours
The full traceback is:
Traceback (most recent call last):
File "/usr/bin/ansible-connection", line 106, in start
self.connection._connect()
File "/usr/lib/python2.7/site-packages/ansible/plugins/connection/network_cli.py", line 341, in _connect
self._terminal.on_become(passwd=auth_pass)
File "/usr/lib/python2.7/site-packages/ansible/plugins/terminal/ios.py", line 78, in on_become
raise AnsibleConnectionFailure('unable to elevate privilege to enable mode, at prompt [%s] with error: %s' % (prompt, e.message))
AnsibleConnectionFailure: unable to elevate privilege to enable mode, at prompt [None] with error: timeout value 10 seconds reached while trying to send command: enable
fatal: [LAB-RTR-1]: FAILED! => {
"msg": "unable to elevate privilege to enable mode, at prompt [None] with error: timeout value 10 seconds reached while trying to send command: enable"
}
Haven't used ansible in a while (but the above looks ok to me), and never with cisco, but I found an open issue that looks very similar to yours which you may want to keep an eye on:
https://github.com/ansible/ansible/issues/51436