Bug 1661483
Summary: | Ansible Job Templates fails because sudo password is not provided even though it is | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Suraj Patil <supatil> |
Component: | Ansible - Configuration Management | Assignee: | Adam Ruzicka <aruzicka> |
Status: | CLOSED ERRATA | QA Contact: | Lukas Pramuk <lpramuk> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.4 | CC: | egolov, hmore, nshaik, zhunting |
Target Milestone: | 6.5.0 | Keywords: | Triaged |
Target Release: | Unused | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://projects.theforeman.org/issues/25764 | ||
Whiteboard: | |||
Fixed In Version: | tfm-rubygem-foreman_ansible-2.2.13 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-05-14 12:39:37 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Suraj Patil
2018-12-21 10:49:18 UTC
Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Upstream bug assigned to aruzicka Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/25764 has been resolved. VERIFIED. @satellite-6.5.0-11.el7sat.noarch tfm-rubygem-foreman_ansible-2.2.14-2.el7sat.noarch by extending the manual reproducer described in comment#0: 1. @HOST: Create user demo and add it in the sudoers file # adduser demo # passwd demo --stdin <<<demo # echo 'demo ALL=(ALL) ALL' >> /etc/sudoers 2. @SAT: Change Administer > Settings > Remote Execution settingd SSH User [ demo ] Sudo password [ demo ] Effective User [ root ] 3. Run the REX job using any ansible template. ---- 1: 2: PLAY [all] ********************************************************************* 3: 4: TASK [Gathering Facts] ********************************************************* 5: ok: [host1.example.com] 6: 7: TASK [shell] ******************************************************************* 8: changed: [host1.example.com] 9: 10: TASK [debug] ******************************************************************* 11: ok: [host1.example.com] => { 12: "out": { 13: "changed": true, 14: "cmd": "id", 15: "delta": "0:00:00.005761", 16: "end": "2019-04-23 12:17:28.547989", 17: "failed": false, 18: "rc": 0, 19: "start": "2019-04-23 12:17:28.542228", 20: "stderr": "", 21: "stderr_lines": [], 22: "stdout": "uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023", 23: "stdout_lines": [ 24: "uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023" 25: ] 26: } 27: } 28: 29: PLAY RECAP ********************************************************************* 30: host1.example.com : ok=3 changed=1 unreachable=0 failed=0 31: 32: Exit status: 0 ---- >>> ansible job run successfully 4. @SAT: Change Administer > Settings > Remote Execution settings
SSH User [ demo ]
Sudo password [ badbadbad ]
Effective User [ root ]
5. Run the REX job using any ansible template.
----
1:
2:
PLAY [all] *********************************************************************
3:
4:
TASK [Gathering Facts] *********************************************************
5:
fatal: [host1.example.com]: FAILED! => {"msg": "Incorrect sudo password"}
6:
to retry, use: --limit @/tmp/foreman-playbook-227311a0-64b8-432a-96ac-447985733195.retry
7:
8:
PLAY RECAP *********************************************************************
9:
host1.example.com : ok=0 changed=0 unreachable=0 failed=1
10:
11:
Exit status: 2
----
>>> ansible job fails correctly with reasonable message to the user
6. @SAT: Change Administer > Settings > Remote Execution settings
SSH User [ demo ]
Sudo password [ ] (empty)
Effective User [ root ]
7. Run the REX job using any ansible template.
----
1:
2:
PLAY [all] *********************************************************************
3:
4:
TASK [Gathering Facts] *********************************************************
5:
fatal: [host1.example.com]: FAILED! => {"changed": false, "module_stderr": "Shared connection to host1.example.com closed.\r\n", "module_stdout": "sudo: a password is required\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
6:
to retry, use: --limit @/tmp/foreman-playbook-2b28a84b-aaa9-49df-b1ea-e0d84dd74e38.retry
7:
8:
PLAY RECAP *********************************************************************
9:
host1.example.com : ok=0 changed=0 unreachable=0 failed=1
10:
11:
Exit status: 2
----
>>> ansible job fails correctly with the same message as described in reproducer
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:1222 |