Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

eos_user fails when setting privilege on new user #31680

Closed
dathelen opened this issue Oct 13, 2017 · 2 comments · Fixed by #32162
Closed

eos_user fails when setting privilege on new user #31680

dathelen opened this issue Oct 13, 2017 · 2 comments · Fixed by #32162
Labels
affects_2.4 This issue/PR affects Ansible v2.4 bug This issue/PR relates to a bug. module This issue/PR relates to a module. networking Network category support:network This issue/PR relates to code supported by the Ansible Network Team.

Comments

@dathelen
Copy link
Contributor

ISSUE TYPE
  • Bug Report
COMPONENT NAME

eos_user

ANSIBLE VERSION
ansible 2.4.0.0
  config file = None
  configured module search path = [u'/Users/dt/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python2.7/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 2.7.11 (default, Nov 13 2016, 20:35:45) [GCC 4.2.1 Compatible Apple LLVM 7.3.0 (clang-703.0.31)]
23:14:19 [dt:~/eosplus/cloud-deployment/ansible] develop(+6/-6)+* ±
CONFIGURATION
OS / ENVIRONMENT
SUMMARY

When creating a user with the eos_user module passing a value for the privilege attribute causes the play to fail if the user doesn't already exist

STEPS TO REPRODUCE
---
- hosts: mn100
  connection: local
  gather_facts: false

  tasks:
    - name: new user
      eos_user:
        provider: "{{ provider }}"
        name: will_fail
        state: present
        configured_password: test
        update_password: on_create
        privilege: 15
EXPECTED RESULTS

The expectation here is that the user will be created with a password and privilege level

ACTUAL RESULTS

We see the following error message:

on eapi

fatal: [mn100]: FAILED! => {
    "changed": false,
    "code": 1000,
    "failed": true,
    "invocation": {
        "module_args": {
            "aggregate": null,
            "auth_pass": null,
            "authorize": false,
            "configured_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "host": "mn100",
            "name": "will_fail",
            "nopassword": null,
            "password": "",
            "port": 443,
            "privilege": 15,
            "provider": {
                "auth_pass": null,
                "authorize": false,
                "host": "mn100",
                "password": "",
                "port": 443,
  1 ---
                "ssh_keyfile": null,
                "timeout": 10,
                "transport": "eapi",
                "use_ssl": true,
                "username": "admin",
                "validate_certs": false
            },
            "purge": false,
            "role": null,
            "ssh_keyfile": null,
            "sshkey": null,
            "state": "present",
            "timeout": 10,
            "transport": "cli",
            "update_password": "on_create",
            "url_password": "",
            "url_username": "admin",
            "use_ssl": true,
            "username": "admin",
            "validate_certs": false
        }
    },
    "msg": "CLI command 3 of 4 'username will_fail privilege 15' failed: could not run command"

on cli

fatal: [mn100]: FAILED! => {
    "changed": false,
    "commands": [
        "username will_fail privilege 15",
        "username will_fail secret ********"
    ],
    "failed": true,
    "invocation": {
        "module_args": {
            "aggregate": null,
            "auth_pass": null,
            "authorize": null,
            "configured_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "host": "mn100",
            "name": "will_fail",
            "nopassword": null,
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": null,
            "privilege": 15,
            "provider": {
                "auth_pass": null,
                "authorize": null,
                "host": "mn100",
                "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                "port": null,
                "ssh_keyfile": null,
                "timeout": null,
                "transport": "cli",
                "use_ssl": null,
                "username": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                "validate_certs": false
            },
            "purge": false,
            "role": null,
            "ssh_keyfile": null,
            "sshkey": null,
            "state": "present",
            "timeout": null,
            "transport": "cli",
            "update_password": "on_create",
            "use_ssl": true,
            "username": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "validate_certs": true
        }
    },
    "msg": "username will_fail privilege 15\r\n% Invalid input\r\nmn100...23:21:19#"

You can see in the cli version that the commands are coming in the wrong order. The privilege needs to be set after the user is created.
@ansibot
Copy link
Contributor

ansibot commented Oct 13, 2017

cc @privateip @trishnaguha
click here for bot help

@ansibot ansibot added affects_2.4 This issue/PR affects Ansible v2.4 bug_report module This issue/PR relates to a module. needs_triage Needs a first human triage before being processed. networking Network category support:network This issue/PR relates to code supported by the Ansible Network Team. labels Oct 13, 2017
@s-hertel s-hertel removed the needs_triage Needs a first human triage before being processed. label Oct 13, 2017
@trishnaguha
Copy link
Member

trishnaguha commented Oct 18, 2017
edited

resolved_by_pr #32162

@dathelen dathelen mentioned this issue Oct 26, 2017
Merged
trishnaguha pushed a commit that referenced this issue Oct 26, 2017
@dathelen @trishnaguha
eos_user: sends user secret first on user creation fixes #31680 (#32162)
602a618 
* fix command order

* add integration test

* test cleanup

* remove redudant commands
abadger pushed a commit that referenced this issue Oct 26, 2017
@dathelen @abadger
eos_user: sends user secret first on user creation fixes #31680 (#32162)
2340c7a 
* fix command order

* add integration test

* test cleanup

* remove redudant commands

(cherry picked from commit 602a618)
@ansibot ansibot added bug This issue/PR relates to a bug. and removed bug_report labels Mar 7, 2018
@ansible ansible locked and limited conversation to collaborators Apr 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
affects_2.4 This issue/PR affects Ansible v2.4 bug This issue/PR relates to a bug. module This issue/PR relates to a module. networking Network category support:network This issue/PR relates to code supported by the Ansible Network Team.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

eos_user: sends user secret first on user creation fixes #31680
4 participants
@dathelen @ansibot @trishnaguha @s-hertel