Ansible ssh errors with script module on OpenSSH 6.6.1
143 views
Skip to first unread message
Patrick Glomski
Sep 16, 2015, 7:01:58 AM9/16/15
to Ansible Project
Hello,
TL;DR: recently upgraded OSes. script module no longer functions. May be due to new openssh version. Script runs correctly and ansible module doesn't seem to throw an error, so it looks like some kind of false positive when parsing ssh stderr stream.
FWIW, the ansible machine is scientific linux 7.1 and the host is scientific linux 6.6.
sl 7.1 output (openssh 6.6.1)
================
TASK: [update_os | run ls /] ***
<ansible-controlled> ESTABLISH CONNECTION FOR USER: root
<ansible-controlled> EXEC ssh -C -tt -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o IdentityFile="/home/pglomski/admin/ansible/live/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ansible-controlled /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224 && echo $HOME/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224'
<ansible-controlled> PUT /home/pglomski/admin/ansible/live/roles/update_os/files/run_ls.sh TO /root/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224/run_ls.sh
<ansible-controlled> EXEC ssh -C -tt -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o IdentityFile="/home/pglomski/admin/ansible/live/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ansible-controlled /bin/sh -c 'chmod +rx /root/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224/run_ls.sh'
<ansible-controlled> EXEC ssh -C -tt -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o IdentityFile="/home/pglomski/admin/ansible/live/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ansible-controlled LANG=C LC_CTYPE=C /root/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224/run_ls.sh
<ansible-controlled> EXEC ssh -C -tt -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o IdentityFile="/home/pglomski/admin/ansible/live/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ansible-controlled /bin/sh -c 'rm -rf /root/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224/ >/dev/null 2>&1'
failed: [pglomski] => {"changed": true, "failed": true, "failed_when_result": true, "rc": 0, "stdout_lines": ["bin\tdev homegfs localdisk misc opt\t root\t srv usr", "boot\tetc lib lost+found mnt\t optgfs sbin\t sys var", "cgroup\thome lib64 media\t net\t proc\t selinux tmp"]}
stderr: OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: auto-mux: Trying existing master
debug1: mux_client_request_session: master session id: 2
Shared connection to ansible-controlled closed.
stdout: bin dev homegfs localdisk misc opt root srv usr
boot etc lib lost+found mnt optgfs sbin sys var
cgroup home lib64 media net proc selinux tmp
FATAL: all hosts have already failed -- aborting
================
sl6.6 output (openssh 5.3.1)
================
TASK: [update_os | run ls /] ***
<ansible-controlled> ESTABLISH CONNECTION FOR USER: root on PORT 22 TO ansible-controlled
<ansible-controlled> EXEC /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352 && echo $HOME/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352'
<ansible-controlled> PUT /home/pglomski/admin/ansible/live/roles/update_os/files/run_ls.sh TO /root/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352/run_ls.sh
<ansible-controlled> EXEC /bin/sh -c 'chmod +rx /root/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352/run_ls.sh'
<ansible-controlled> EXEC LANG=C LC_CTYPE=C /root/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352/run_ls.sh
<ansible-controlled> EXEC /bin/sh -c 'rm -rf /root/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352/ >/dev/null 2>&1'
changed: [pglomski] => {"changed": true, "failed": false, "failed_when_result": false, "rc": 0, "stderr": "", "stdout": "bin\nboot\ncgroup\ndev\netc\nhome\nhomegfs\nlib\nlib64\nlocaldisk\nlost+found\nmedia\nmisc\nmnt\nnet\nopt\noptgfs\nproc\nroot\nsbin\nselinux\nsrv\nsys\ntmp\nusr\nvar\n", "stdout_lines": ["bin", "boot", "cgroup", "dev", "etc", "home", "homegfs", "lib", "lib64", "localdisk", "lost+found", "media", "misc", "mnt", "net", "opt", "optgfs", "proc", "root", "sbin", "selinux", "srv", "sys", "tmp", "usr", "var"]}
================
The entire ssh_config on both ansible control machines is defaults, but I'll attach the small uncommented portion on the sl7.1 ansible machine for reference anyway:
================
Host *
GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
ForwardX11Trusted yes
# Send locale-related environment variables
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
SendEnv XMODIFIERS
================
I suppose it's useful to note that the problem is consistent between ansible 1.9.{1,2,3}. I didn't bother trying more than 3 versions.
Any help would be appreciated (ssh flags or similar to try if possible, bug fix in next version if not). I'd like to move forward to RHEL7 (SL7) at some point.
Thanks,
Patrick
TL;DR: recently upgraded OSes. script module no longer functions. May be due to new openssh version. Script runs correctly and ansible module doesn't seem to throw an error, so it looks like some kind of false positive when parsing ssh stderr stream.
FWIW, the ansible machine is scientific linux 7.1 and the host is scientific linux 6.6.
sl 7.1 output (openssh 6.6.1)
================
TASK: [update_os | run ls /] ***
<ansible-controlled> ESTABLISH CONNECTION FOR USER: root
<ansible-controlled> EXEC ssh -C -tt -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o IdentityFile="/home/pglomski/admin/ansible/live/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ansible-controlled /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224 && echo $HOME/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224'
<ansible-controlled> PUT /home/pglomski/admin/ansible/live/roles/update_os/files/run_ls.sh TO /root/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224/run_ls.sh
<ansible-controlled> EXEC ssh -C -tt -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o IdentityFile="/home/pglomski/admin/ansible/live/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ansible-controlled /bin/sh -c 'chmod +rx /root/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224/run_ls.sh'
<ansible-controlled> EXEC ssh -C -tt -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o IdentityFile="/home/pglomski/admin/ansible/live/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ansible-controlled LANG=C LC_CTYPE=C /root/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224/run_ls.sh
<ansible-controlled> EXEC ssh -C -tt -v -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/root/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o IdentityFile="/home/pglomski/admin/ansible/live/id_rsa" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 ansible-controlled /bin/sh -c 'rm -rf /root/.ansible/tmp/ansible-tmp-1442400130.74-270287235071224/ >/dev/null 2>&1'
failed: [pglomski] => {"changed": true, "failed": true, "failed_when_result": true, "rc": 0, "stdout_lines": ["bin\tdev homegfs localdisk misc opt\t root\t srv usr", "boot\tetc lib lost+found mnt\t optgfs sbin\t sys var", "cgroup\thome lib64 media\t net\t proc\t selinux tmp"]}
stderr: OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: auto-mux: Trying existing master
debug1: mux_client_request_session: master session id: 2
Shared connection to ansible-controlled closed.
stdout: bin dev homegfs localdisk misc opt root srv usr
boot etc lib lost+found mnt optgfs sbin sys var
cgroup home lib64 media net proc selinux tmp
FATAL: all hosts have already failed -- aborting
================
sl6.6 output (openssh 5.3.1)
================
TASK: [update_os | run ls /] ***
<ansible-controlled> ESTABLISH CONNECTION FOR USER: root on PORT 22 TO ansible-controlled
<ansible-controlled> EXEC /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352 && echo $HOME/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352'
<ansible-controlled> PUT /home/pglomski/admin/ansible/live/roles/update_os/files/run_ls.sh TO /root/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352/run_ls.sh
<ansible-controlled> EXEC /bin/sh -c 'chmod +rx /root/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352/run_ls.sh'
<ansible-controlled> EXEC LANG=C LC_CTYPE=C /root/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352/run_ls.sh
<ansible-controlled> EXEC /bin/sh -c 'rm -rf /root/.ansible/tmp/ansible-tmp-1442400647.72-180222823303352/ >/dev/null 2>&1'
changed: [pglomski] => {"changed": true, "failed": false, "failed_when_result": false, "rc": 0, "stderr": "", "stdout": "bin\nboot\ncgroup\ndev\netc\nhome\nhomegfs\nlib\nlib64\nlocaldisk\nlost+found\nmedia\nmisc\nmnt\nnet\nopt\noptgfs\nproc\nroot\nsbin\nselinux\nsrv\nsys\ntmp\nusr\nvar\n", "stdout_lines": ["bin", "boot", "cgroup", "dev", "etc", "home", "homegfs", "lib", "lib64", "localdisk", "lost+found", "media", "misc", "mnt", "net", "opt", "optgfs", "proc", "root", "sbin", "selinux", "srv", "sys", "tmp", "usr", "var"]}
================
The entire ssh_config on both ansible control machines is defaults, but I'll attach the small uncommented portion on the sl7.1 ansible machine for reference anyway:
================
Host *
GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
ForwardX11Trusted yes
# Send locale-related environment variables
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
SendEnv XMODIFIERS
================
I suppose it's useful to note that the problem is consistent between ansible 1.9.{1,2,3}. I didn't bother trying more than 3 versions.
Any help would be appreciated (ssh flags or similar to try if possible, bug fix in next version if not). I'd like to move forward to RHEL7 (SL7) at some point.
Thanks,
Patrick
Reply all
Reply to author
Forward
0 new messages