Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

module user, luseradd: error parsing arguments #48722

Closed
romain-dartigues opened this issue Nov 15, 2018 · 11 comments · Fixed by #55401
Closed

module user, luseradd: error parsing arguments #48722

romain-dartigues opened this issue Nov 15, 2018 · 11 comments · Fixed by #55401
Assignees
@bcoca @samdoran
Labels
affects_2.7 This issue/PR affects Ansible v2.7 bug This issue/PR relates to a bug. has_pr This issue has an associated PR. module This issue/PR relates to a module. needs_info This issue requires further information. Please answer any outstanding questions. support:core This issue/PR relates to code supported by the Ansible Engineering Team. system System category verified This issue has been verified/reproduced by maintainer

Comments

@romain-dartigues
Copy link
Contributor

SUMMARY

Module user fail creating users with local: true and with groups.

Note: this bug relates to #32199 (marked fixed by PR #32262) but is not the same.

ISSUE TYPE
  • Bug Report
COMPONENT NAME
  • module user
ANSIBLE VERSION
ansible 2.7.1
  config file = /home/rdartigues/playbook-swf/ansible.cfg
  configured module search path = [u'/home/rdartigues/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /home/rdartigues/.virtualenvs/ansible/lib/python2.7/site-packages/ansible
  executable location = /home/rdartigues/.virtualenvs/ansible/bin/ansible
  python version = 2.7.5 (default, Jul 13 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
CONFIGURATION
ANSIBLE_NOCOWS(/home/rdartigues/playbook-swf/ansible.cfg) = True
CACHE_PLUGIN(/home/rdartigues/playbook-swf/ansible.cfg) = jsonfile
CACHE_PLUGIN_CONNECTION(/home/rdartigues/playbook-swf/ansible.cfg) = ./.facts/
CACHE_PLUGIN_TIMEOUT(/home/rdartigues/playbook-swf/ansible.cfg) = 3600
DEFAULT_GATHERING(/home/rdartigues/playbook-swf/ansible.cfg) = smart
DEFAULT_HASH_BEHAVIOUR(/home/rdartigues/playbook-swf/ansible.cfg) = merge
DEFAULT_HOST_LIST(/home/rdartigues/playbook-swf/ansible.cfg) = [u'/home/rdartigues/playbook-swf/inventory.ini']
DEFAULT_REMOTE_USER(/home/rdartigues/playbook-swf/ansible.cfg) = root
RETRY_FILES_ENABLED(/home/rdartigues/playbook-swf/ansible.cfg) = False
OS / ENVIRONMENT

Local OS:

LSB Version:    :core-4.1-ia32:core-4.1-noarch
Distributor ID: CentOS
Description:    CentOS Linux release 7.5.1804 (Core) 
Release:        7.5.1804
Codename:       Core

Target system:

$ lsb_release -a
LSB Version:    :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description:    CentOS Linux release 7.5.1804 (Core) 
Release:        7.5.1804
Codename:       Core

$ rpm -qa libuser
libuser-0.60-9.el7.x86_64
STEPS TO REPRODUCE
---
- hosts: [all]
  gather_facts: false
  tasks:
    - user:
        groups: ['adm', 'systemd-journal', 'users', 'wheel']
        createhome: false # with or without, same result
        local: true
        name: 'test_user'
...
EXPECTED RESULTS
  • no error
  • user is created
  • user is in supplementary groups
ACTUAL RESULTS
$ ansible-playbook debug.yml -l srv0206.example.net -Dvvv
ansible-playbook 2.7.1
  config file = /home/rdartigues/playbook-swf/ansible.cfg
  configured module search path = [u'/home/rdartigues/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /home/rdartigues/.virtualenvs/ansible/lib/python2.7/site-packages/ansible
  executable location = /home/rdartigues/.virtualenvs/ansible/bin/ansible-playbook
  python version = 2.7.5 (default, Jul 13 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
Using /home/rdartigues/playbook-swf/ansible.cfg as config file
/home/rdartigues/playbook-swf/inventory.ini did not meet host_list requirements, check plugin documentation if this is unexpected
/home/rdartigues/playbook-swf/inventory.ini did not meet script requirements, check plugin documentation if this is unexpected
/home/rdartigues/playbook-swf/inventory.ini did not meet yaml requirements, check plugin documentation if this is unexpected
Parsed /home/rdartigues/playbook-swf/inventory.ini inventory source with ini plugin

PLAYBOOK: debug.yml ***************************************************************************************
1 plays in debug.yml

PLAY [all] ************************************************************************************************
META: ran handlers

TASK [user] ***********************************************************************************************
task path: /home/rdartigues/playbook-swf/debug.yml:6
<srv0206.example.net> ESTABLISH SSH CONNECTION FOR USER: root
<srv0206.example.net> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/rdartigues/.ansible/cp/7de40a45ac srv0206.example.net '/bin/sh -c '"'"'echo ~root && sleep 0'"'"''
<srv0206.example.net> (0, '/root\n', '')
<srv0206.example.net> ESTABLISH SSH CONNECTION FOR USER: root
<srv0206.example.net> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/rdartigues/.ansible/cp/7de40a45ac srv0206.example.net '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129 `" && echo ansible-tmp-1542189136.9-150634927138129="` echo /root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129 `" ) && sleep 0'"'"''
<srv0206.example.net> (0, 'ansible-tmp-1542189136.9-150634927138129=/root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129\n', '')
Using module file /home/rdartigues/.virtualenvs/ansible/lib/python2.7/site-packages/ansible/modules/system/user.py
<srv0206.example.net> PUT /home/rdartigues/.ansible/tmp/ansible-local-297228xcR_R/tmppPjixB TO /root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129/AnsiballZ_user.py
<srv0206.example.net> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/rdartigues/.ansible/cp/7de40a45ac '[srv0206.example.net]'
<srv0206.example.net> (0, 'sftp> put /home/rdartigues/.ansible/tmp/ansible-local-297228xcR_R/tmppPjixB /root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129/AnsiballZ_user.py\n', '')
<srv0206.example.net> ESTABLISH SSH CONNECTION FOR USER: root
<srv0206.example.net> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/rdartigues/.ansible/cp/7de40a45ac srv0206.example.net '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129/ /root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129/AnsiballZ_user.py && sleep 0'"'"''
<srv0206.example.net> (0, '', '')
<srv0206.example.net> ESTABLISH SSH CONNECTION FOR USER: root
<srv0206.example.net> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/rdartigues/.ansible/cp/7de40a45ac -tt srv0206.example.net '/bin/sh -c '"'"'/usr/bin/python /root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129/AnsiballZ_user.py && sleep 0'"'"''
<srv0206.example.net> (1, '\r\n{"msg": "Error parsing arguments: unknown option.\\nUsage: lusermod [-imLU?] [-i|--interactive] [-c|--gecos STRING]\\n        [-d|--directory STRING] [-m|--movedirectory] [-s|--shell STRING]\\n        [-u|--uid NUM] [-g|--gid NUM] [-l|--login STRING]\\n        [-P|--plainpassword STRING] [-p|--password STRING] [-L|--lock]\\n        [-U|--unlock] [--commonname=STRING] [--givenname=STRING]\\n        [--surname=STRING] [--roomnumber=STRING] [--telephonenumber=STRING]\\n        [--homephone=STRING] [-?|--help] [--usage] [OPTION...] user\\n", "failed": true, "rc": 1, "name": "test_user", "invocation": {"module_args": {"comment": null, "ssh_key_bits": 0, "update_password": "always", "non_unique": false, "force": false, "ssh_key_type": "rsa", "create_home": false, "password_lock": null, "ssh_key_passphrase": null, "uid": null, "home": null, "append": false, "skeleton": null, "ssh_key_comment": "ansible-generated on srv0206.example.net", "group": null, "system": false, "state": "present", "hidden": null, "local": true, "shell": null, "expires": null, "ssh_key_file": null, "groups": ["adm", "systemd-journal", "users", "wheel"], "move_home": false, "password": null, "seuser": null, "name": "test_user", "createhome": false, "remove": false, "login_class": null, "generate_ssh_key": null}}}\r\n', 'Shared connection to srv0206.example.net closed.\r\n')
<srv0206.example.net> ESTABLISH SSH CONNECTION FOR USER: root
<srv0206.example.net> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/rdartigues/.ansible/cp/7de40a45ac srv0206.example.net '/bin/sh -c '"'"'rm -f -r /root/.ansible/tmp/ansible-tmp-1542189136.9-150634927138129/ > /dev/null 2>&1 && sleep 0'"'"''
<srv0206.example.net> (0, '', '')
fatal: [srv0206.example.net]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "append": false,
            "comment": null,
            "create_home": false,
            "createhome": false,
            "expires": null,
            "force": false,
            "generate_ssh_key": null,
            "group": null,
            "groups": [
                "adm",
                "systemd-journal",
                "users",
                "wheel"
            ],
            "hidden": null,
            "home": null,
            "local": true,
            "login_class": null,
            "move_home": false,
            "name": "test_user",
            "non_unique": false,
            "password": null,
            "password_lock": null,
            "remove": false,
            "seuser": null,
            "shell": null,
            "skeleton": null,
            "ssh_key_bits": 0,
            "ssh_key_comment": "ansible-generated on srv0206.example.net",
            "ssh_key_file": null,
            "ssh_key_passphrase": null,
            "ssh_key_type": "rsa",
            "state": "present",
            "system": false,
            "uid": null,
            "update_password": "always"
        }
    },
    "msg": "Error parsing arguments: unknown option.\nUsage: lusermod [-imLU?] [-i|--interactive] [-c|--gecos STRING]\n        [-d|--directory STRING] [-m|--movedirectory] [-s|--shell STRING]\n        [-u|--uid NUM] [-g|--gid NUM] [-l|--login STRING]\n        [-P|--plainpassword STRING] [-p|--password STRING] [-L|--lock]\n        [-U|--unlock] [--commonname=STRING] [--givenname=STRING]\n        [--surname=STRING] [--roomnumber=STRING] [--telephonenumber=STRING]\n        [--homephone=STRING] [-?|--help] [--usage] [OPTION...] user\n",
    "name": "test_user",
    "rc": 1
}

PLAY RECAP ************************************************************************************************
srv0206.example.net    : ok=0    changed=0    unreachable=0    failed=1
@ansibot
Copy link
Contributor

ansibot commented Nov 15, 2018

Hi @romain-dartigues, thank you for submitting this issue!

click here for bot help

@ansibot
Copy link
Contributor

ansibot commented Nov 15, 2018

Files identified in the description:

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

@ansibot
Copy link
Contributor

ansibot commented Nov 15, 2018

cc @samdoran @sfromm
click here for bot help

@ansibot ansibot added affects_2.7 This issue/PR affects Ansible v2.7 bug This issue/PR relates to a bug. module This issue/PR relates to a module. needs_triage Needs a first human triage before being processed. support:core This issue/PR relates to code supported by the Ansible Engineering Team. labels Nov 15, 2018
@romain-dartigues
Copy link
Contributor Author

I would expect the module to gives the same results with and without local: true; but I would at the very least content myself with an error message telling me my combination is not supported by the module and a clear warning in the documentation.

To provide the same functionalities with local: true than without, the module should, after creating the user makes a lgroupmod --member-add={{ user }} {{ group }} for each additional groups requested.

@sivel sivel removed the needs_triage Needs a first human triage before being processed. label Nov 20, 2018
@vipulparashar
Copy link

Same issue - But with different error -

#49368

The full traceback is:
Traceback (most recent call last):
File "/Users/vipul.sharma/.ansible/tmp/ansible-tmp-1543581354.93-236985466746518/AnsiballZ_user.py", line 113, in
_ansiballz_main()
File "/Users/vipul.sharma/.ansible/tmp/ansible-tmp-1543581354.93-236985466746518/AnsiballZ_user.py", line 105, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/Users/vipul.sharma/.ansible/tmp/ansible-tmp-1543581354.93-236985466746518/AnsiballZ_user.py", line 48, in invoke_module
imp.load_module('main', mod, module, MOD_DESC)
File "/tmp/ansible_user_payload_5Pl_0V/main.py", line 2611, in
File "/tmp/ansible_user_payload_5Pl_0V/main.py", line 2568, in main
File "/tmp/ansible_user_payload_5Pl_0V/main.py", line 802, in user_info
File "/tmp/ansible_user_payload_5Pl_0V/main.py", line 797, in get_pwd_info
KeyError: 'getpwnam(): name not found: prometheus'

fatal: [3.121.234.237]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File "/Users/vipul.sharma/.ansible/tmp/ansible-tmp-1543581354.93-236985466746518/AnsiballZ_user.py", line 113, in \n _ansiballz_main()\n File "/Users/vipul.sharma/.ansible/tmp/ansible-tmp-1543581354.93-236985466746518/AnsiballZ_user.py", line 105, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/Users/vipul.sharma/.ansible/tmp/ansible-tmp-1543581354.93-236985466746518/AnsiballZ_user.py", line 48, in invoke_module\n imp.load_module('main', mod, module, MOD_DESC)\n File "/tmp/ansible_user_payload_5Pl_0V/main.py", line 2611, in \n File "/tmp/ansible_user_payload_5Pl_0V/main.py", line 2568, in main\n File "/tmp/ansible_user_payload_5Pl_0V/main.py", line 802, in user_info\n File "/tmp/ansible_user_payload_5Pl_0V/main.py", line 797, in get_pwd_info\nKeyError: 'getpwnam(): name not found: prometheus'\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}

@ansibot ansibot added the system System category label Feb 17, 2019
@rdtechie
Copy link
Contributor

Got the same issue here. Looks like Ansible is using lusermod when local: true is specified. But this command doesn't support the -G parameter, hence the failure. The way to add a local user into a local group is to use lgroupmod -M <username> <group>. For now I have a workaround by using a shell command, but the user module should really support this.

@drawks
Copy link

drawks commented Apr 16, 2019
edited
Loading

@rdtechie's analysis is spot on, the luseradd command provided by libuser on every platform I've checked has no support for non-primary groups

@samdoran samdoran self-assigned this Apr 16, 2019
@samdoran samdoran added the verified This issue has been verified/reproduced by maintainer label Apr 16, 2019
@samdoran samdoran mentioned this issue Apr 16, 2019
Merged
@samdoran samdoran added the has_pr This issue has an associated PR. label Apr 16, 2019
@samdoran
Copy link
Contributor

Can you please test with #55401 and see if this fixes the issue? Thank you.

@bcoca
Copy link
Member

bcoca commented May 8, 2019

needs_info

@ansibot ansibot added the needs_info This issue requires further information. Please answer any outstanding questions. label May 8, 2019
@ansibot
Copy link
Contributor

ansibot commented Jun 9, 2019

@romain-dartigues This issue is waiting for your response. Please respond or the issue will be closed.

click here for bot help

@abadger abadger mentioned this issue Jun 29, 2019
Merged
@samdoran samdoran mentioned this issue Jul 19, 2019
Merged
@ansible ansible locked and limited conversation to collaborators Aug 5, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@bcoca bcoca

@samdoran samdoran

Labels
affects_2.7 This issue/PR affects Ansible v2.7 bug This issue/PR relates to a bug. has_pr This issue has an associated PR. module This issue/PR relates to a module. needs_info This issue requires further information. Please answer any outstanding questions. support:core This issue/PR relates to code supported by the Ansible Engineering Team. system System category verified This issue has been verified/reproduced by maintainer
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

User - Do not add incompatible flags in local mode samdoran/ansible
9 participants
@sivel @romain-dartigues @drawks @bcoca @samdoran @rdtechie @ansibot @vipulparashar and others