ansible-playbook with --ask-become-pass in hp-ux

214 views

Skip to first unread message

Jesus Vidal

unread,

Jul 14, 2016, 12:51:02 PM7/14/16

to Ansible Project

I've create a simple playbook to test connectivity from my ansible server to an hp-ux with --ask-become-pass module, and seem not to work.

What I can see follows:

The playbook is:

ansible/playbooks $ cat TPAM.yml

---

- hosts: all

gather_facts: no

become: yes

become_method: su

become_user: root

tasks:

- name: test uptime

command: uptime

- name: test uname

shell: uname

- debug: var=salida.stdout_lines

The output is:

test:/ansible/playbooks $ ansible-playbook -vvvv TPAM.yml --limit ignitep --ask-pass --ask-become-pass

/usr/lib64/python2.6/site-packages/pycrypto-2.6.1-py2.6-linux-x86_64.egg/Crypto/Util/number.py:57: PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.

_warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)

Using /etc/ansible/ansible.cfg as config file

SSH password:

SUDO password[defaults to SSH password]:

Loaded callback default of type stdout, v2.0

1 plays in TPAM.yml

PLAY ***************************************************************************

TASK [test uptime] *************************************************************

task path: /root/home/ansible/playbooks/TPAM.yml:11

<ignitep> ESTABLISH SSH CONNECTION FOR USER: None

<ignitep> SSH: EXEC sshpass -d15 ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o Port=22 -o ConnectTimeout=20 -o ControlPath=/root/home/.ansible/cp/ansible-ssh-%h-%p-%r -tt ignitep '/bin/sh -c '"'"'( umask 22 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1468485137.48-269929385646625 `" && echo "` echo $HOME/.ansible/tmp/ansible-tmp-1468485137.48-269929385646625 `" )'"'"''

<ignitep> PUT /tmp/tmpsDJSrg TO /root/home/hpjsplu/.ansible/tmp/ansible-tmp-1468485137.48-269929385646625/command

<ignitep> SSH: EXEC sshpass -d15 sftp -b - -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o Port=22 -o ConnectTimeout=20 -o ControlPath=/root/home/.ansible/cp/ansible-ssh-%h-%p-%r '[ignite1p]'

<ignitep> ESTABLISH SSH CONNECTION FOR USER: None

<ignitep> SSH: EXEC sshpass -d15 ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o Port=22 -o ConnectTimeout=20 -o ControlPath=/root/home/.ansible/cp/ansible-ssh-%h-%p-%r -tt ignitep '/bin/sh -c '"'"'su root -c /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-whqzbeicifjsmstsilrycwbbceaxbbre; /bin/sh -c '"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'LANG=C LC_ALL=C LC_MESSAGES=C /opt/opsware/agent/bin/python /root/home/.ansible/tmp/ansible-tmp-1468485137.48-269929385646625/command; rm -rf "/root/home/.ansible/tmp/ansible-tmp-1468485137.48-269929385646625/" > /dev/null 2>&1'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"'"''"'"'"'"'"'"'"'"''"'"''

fatal: [ignitep]: FAILED! => {"failed": true, "msg": "Timeout (22s) waiting for privilege escalation prompt: \r\nLast successful login for root: Thu Jul 14 12:15:03 MET-1METDST 2016 on pts/0 \r\nLast unsuccessful login for root: Thu Jul 14 10:32:17 MET-1METDST 2016 \r\n"}

NO MORE HOSTS LEFT *************************************************************

to retry, use: --limit @TPAM.retry

PLAY RECAP *********************************************************************

ignitep : ok=0 changed=0 unreachable=0 failed=1

And on the hp-ux side:

[ignitep]/#ps -fu ansible

UID PID PPID C STIME TTY TIME COMMAND

ansible 20327 20326 0 10:31:21 pts/0 0:00 /bin/sh -c su root -c /bin/sh -c 'echo BECOME-SUCCESS-ctrcszwvfkamwueotlgrsljqrldakowe; /bin/sh -c '"'"'LANG=C LC_ALL=C LC_MES

ansible 3886 20317 0 12:15:03 pts/2 0:00 sh -c /bin/sh -c 'su root -c /bin/sh -c '"'"'echo BECOME-SUCCESS-uxzopavnkcvuttztadjubhvoaocplmmi; /bin/sh -c '"'"'"'"'"'"'"'"

ansible 20326 20317 0 10:31:21 pts/0 0:00 sh -c /bin/sh -c 'su root -c /bin/sh -c '"'"'echo BECOME-SUCCESS-ctrcszwvfkamwueotlgrsljqrldakowe; /bin/sh -c '"'"'"'"'"'"'"'"

ansible 4115 20317 0 12:16:22 pts/4 0:00 sh -c /bin/sh -c 'su root -c /bin/sh -c '"'"'echo BECOME-SUCCESS-lwftyetdxewykflocdwpogkoqaqlesux; /bin/sh -c '"'"'"'"'"'"'"'"

ansible 3911 3886 0 12:15:03 pts/2 0:00 /bin/sh -c su root -c /bin/sh -c 'echo BECOME-SUCCESS-uxzopavnkcvuttztadjubhvoaocplmmi; /bin/sh -c '"'"'LANG=C LC_ALL=C LC_MES

ansible 20332 20330 0 10:31:42 pts/1 0:00 -sh

ansible 4116 4115 0 12:16:22 pts/4 0:00 /bin/sh -c su root -c /bin/sh -c 'echo BECOME-SUCCESS-lwftyetdxewykflocdwpogkoqaqlesux; /bin/sh -c '"'"'LANG=C LC_ALL=C LC_MES

and is needed to kill all these processes.

ansible version:

:/ansible/playbooks $ ansible --version

_warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)

ansible 2.0.1.0

config file = /etc/ansible/ansible.cfg

configured module search path = /usr/share/my_modules/

On ansible host:

Red Hat Enterprise Linux Server release 6.7 (Santiago)

On client side:

HP-UX ignite1p B.11.31 U ia64 0430496670 unlimited-user license

With ansible it works fine:

ansible/playbooks $ ansible ignitep -m shell -a 'uptime' --ask-pass --ask-become-pass

_warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)

SSH password:

SUDO password[defaults to SSH password]:

ignitep | SUCCESS | rc=0 >>

12:25pm up 8 days, 16:44, 5 users, load average: 0.04, 0.04, 0.03

Any ideas ?

Thanks in advance.

Jesús

Reply all

Reply to author

Forward

0 new messages