-
Notifications
You must be signed in to change notification settings - Fork 23.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
delegate_to with remote_user on ansible 2.0 #13323
Comments
Closing This TicketHi! We believe the above commit should resolve this problem for you. This will also be included in the next major release. If you continue seeing any problems related to this issue, or if you have any further questions, please let us know by stopping by one of the two mailing lists, as appropriate:
Because this project is very active, we're unlikely to see comments made on closed tickets, but the mailing list is a great way to ask questions, or post if you don't think this particular issue is resolved. Thank you! |
@jimi-c Your commit does not fix this issue for me. |
@pujan14 odd, your example playbook in the same setup worked for me, as well as for another user testing it in IRC. Any other details you can provide? |
if the user is set at inventory level for the delegated host, that should override remote_user |
@bcoca I do not have delegated host in inventory file but it does go on that host. To connect to that host it uses my user account and not remote_user. I am installing ansible with "sudo pip install git+https://github.com/ansible/ansible" and that gets me current devel. |
I can still reproduce this with devel from today morning (2nd Dec). Can we please reopen this? |
@jimi-c I think I have found another detail that might help. If the delegate_to host is not in inventory it always uses my user but if I add that host in inventory and specify ansible_ssh_user there, it works but that means I can not specify remote_user at playbook level. |
Hrm, I didn't think that the delegated_to host would use the remote_user set at the task level, but I believe we can fix that easily. |
@pujan14 / @mgedmin I think this patch should fix this, if you'd like to test it out: https://gist.github.com/jimi-c/a25682ba838e09f1f56c |
I've done pretty extensive testing on this, using root/non-root local users and having remote_user set at the task and play levels, as well as via the ansible.cfg, and all scenarios work as expected. Based on that, I'm going to go ahead and merge that fix in now, and if either of you have any further problems let us know. |
Merged into both devel and stable-2.0. |
Confirming that the fix works for me. (Thank you for the speedy fix!) |
@jimi-c I feel bad about this but this still does not resolve issue for me. Did you test it with playbook I attached here? on ansible 1.9.4 it gives me root but on ansible devel as of now it gives me my username. ´´´
Also testvm2 is not part of inventory file, In case that changes anything. |
@pujan14 yes, I tested it with both root and non-root local users, and with remote_user set at various places in the playbook. Here's an example run when [jamesc@jimi testing]$ cat 13323.yml --- - hosts: awxlocal gather_facts: no become: yes tasks: - shell: whoami; hostname register: whoami delegate_to: ubuntu1404 remote_user: testing become: false - debug: msg="{{ whoami.stdout }}" [jamesc@jimi testing]$ ansible-playbook -vvv 13323.yml Using /etc/ansible/ansible.cfg as config file 1 plays in 13323.yml PLAY *************************************************************************** TASK [command] ***************************************************************** task path: /home/jamesc/testing/13323.yml:7 <192.168.122.113> ESTABLISH SSH CONNECTION FOR USER: testing <192.168.122.113> SSH: EXEC ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o ControlPath=/tmp/ansible-ssh-%h-%p-%r -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=testing -o ConnectTimeout=10 192.168.122.113 LANG=en_US.utf8 LC_ALL=en_US.utf8 LC_MESSAGES=en_US.utf8 /usr/bin/python changed: [awxlocal -> None] => {"changed": true, "cmd": "whoami; hostname", "delta": "0:00:00.002009", "end": "2015-12-04 13:02:39.307393", "invocation": {"module_args": {"_raw_params": "whoami; hostname", "_uses_shell": true}, "module_name": "command"}, "rc": 0, "start": "2015-12-04 13:02:39.305384", "stderr": "", "stdout": "testing\nubuntu1404", "stdout_lines": ["testing", "ubuntu1404"], "warnings": []} TASK [debug msg={{ whoami.stdout }}] ******************************************* task path: /home/jamesc/testing/13323.yml:13 ok: [awxlocal] => { "changed": false, "invocation": { "module_args": { "msg": "testing\nubuntu1404" }, "module_name": "debug" }, "msg": "testing\nubuntu1404" } PLAY RECAP ********************************************************************* awxlocal : ok=2 changed=1 unreachable=0 failed=0 My local user is jamesc, but you can see the remote user from whoami is coming back as |
Even today it did not resolve for me. I will test this today from other control machine. Looking at output, it looks like with my playbook ansible does not specify User=abc for ssh connection. I wonder why. Anyway if this bug is not reproducible, I'll use a work around and just specify this things at inventory level. Thanks for stinking with this 👍 |
So for the record, I am also hitting a similar problem, or a variation of. I have a server called karona.example.org, with a login 'misc', the same as the local control laptop. If I use this:
and I run it with:
, it should fail (since the remote _user is wrong). However, it do connect using my local login ('misc') and thus succeed. If I use:
it fail as expected (since it try to connect using mscherer, rather than misc). So the code likely change the remote_user only if the host is in the inventory, and do nothing if it isn't, hence the differing result we see. |
@jimi-c I am facing this problem again. |
@pujan14 could you please create a new issue for this? It most likely has a different root cause. |
I added issue #15259 which resembles pujan14's case. |
This is happening to me with Ansible 2.0.2.0. If |
We are seeing the same issue as @btobolaski |
Same problem here: Whenever i try to run a playbook and the task arrive to one that i have the argument delegate_to, using -vvvv i can see that on this task ansible choose to try to log with user None, meanwhile the other task where executed as another user. I think why you some of you could reproduce the bug. so, when host wich is a group made for example like this: The tasks fails, because use the user None to do the task. |
For anyone still running into this, a possible (though a bit hacky) workaround is to explicitly set the user in the
|
Issue Type: Bug Report (2.0 regression)
Ansible Version: 2.0.0 (devel)
Ansible Configuration: default
Environment: Ubuntu 14.04
Summary:
delegate_to does not use user specified with remote_user.
Steps To Reproduce:
Following playbook works correctly on 1.9.4 with output root and on devel it outputs normal user.
Expected Results:
Actual Results:
The text was updated successfully, but these errors were encountered: