failed to parse: SUDO-SUCCESS-ugbdmgqomyttgubummftugavvodrnugl when using mysql_user with password lookup

[William Hall-BrandFour]

Similar to this discussion https://groups.google.com/d/msg/ansible-project/aBE51ToAC7A/QC3jwdPOK4MJ

I am getting this error:

failed to parse: SUDO-SUCCESS-ugbdmgqomyttgubummftugavvodrnugl

I am trying to make use of the password lookup in mysql_user like so

    - name: create and/or update database user

      mysql_user:

        login_user={{ mysqluser }}

        login_password={{ mysqlpassword }}

        name={{ databaseuser }}

        password={{ lookup('password', '/tmp/passwordfile length=15') }}

        append_privs=yes

        priv={{ databasename }}.*:SELECT,INSERT,UPDATE,DELETE

I was previously using a similar play to get a password via an api and that worked so I know the syntax is correct, its just the introduction of the password lookup which seems to have broken things.

Client: Mac OS X 10.6.8

Server: Debian 7

Any ideas?

[James Cammarata]

Are you using sudo to execute this? In that case, you may be hitting this bug:

https://github.com/ansible/ansible/issues/5533

There are pull-requests open to address this, which I will be looking to test today.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[William Hall-BrandFour]

I never got the message to say there was a reply so sorry for the delay in getting back to you.

I have disabled sudo for that play and updated to ansible 1.5.3.

The play now works but does not create a file at /tmp/passwordfile and if I try to use an alternative directory, it errors completely differently

failed: [g.b4dev.com] => {"failed": true, "parsed": false}

invalid output was: Traceback (most recent call last):

  File "/home/wh/.ansible/tmp/ansible-tmp-1394795091.79-153729821362509/mysql_user", line 1561, in <module>

    main()

  File "/home/wh/.ansible/tmp/ansible-tmp-1394795091.79-153729821362509/mysql_user", line 459, in main

    changed = user_add(cursor, user, host, password, priv)

  File "/home/wh/.ansible/tmp/ansible-tmp-1394795091.79-153729821362509/mysql_user", line 158, in user_add

    cursor.execute("CREATE USER %s@%s IDENTIFIED BY %s", (user,host,password))

  File "/usr/lib/python2.7/dist-packages/MySQLdb/cursors.py", line 174, in execute

    self.errorhandler(self, exc, value)

  File "/usr/lib/python2.7/dist-packages/MySQLdb/connections.py", line 36, in defaulterrorhandler

    raise errorclass, errorvalue

_mysql_exceptions.OperationalError: (1396, "Operation CREATE USER failed for 'test'@'localhost'")

[James Cammarata]

What happens if you use debug: var={{ lookup('password', '/tmp/passwordfile length=15') }} ?

[James Cammarata]

Really though, this seems like your mysqluser/mysqlpassword variables are incorrect, or the user you're connecting as does not have the proper GRANT permissions to add/edit the user.

Can you run other actions with that user/passord?

[William Hall-BrandFour]

The MySQL account I use should be all singing all dancing.

I think I may have figured it out.

The debug command came back with a value but I couldn't find the passwordfile and then it occurred to me that the file might be local and sure enough it was.

Did I miss the part where the file lookup works on local files and not remote files?

[James Cammarata]

Yes, all lookups like that (and action_plugins too) occur locally on the machine running ansible, not remotely. Looking through http://docs.ansible.com/playbooks_lookups.html, it does not mention that specifically, so it would be good to add. Please feel free to open up a github issue for that.

Thanks!

[William Hall-BrandFour]

Done and done. Thank you for your help! :-)