Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pass sudo password with --ask-become-pass #429

Closed
ohmer1 opened this issue Nov 12, 2018 · 10 comments
Closed

Pass sudo password with --ask-become-pass #429

ohmer1 opened this issue Nov 12, 2018 · 10 comments

Comments

@ohmer1
Copy link

@ohmer1 ohmer1 commented Nov 12, 2018

Is there a way to pass sudo password with --ask-become-pass when using mitogen? I would like to avoid the adding of myuser ALL=(ALL:ALL) NOPASSWD:/usr/bin/python -c* in my sudoers configuration. If I don't, the playbook timeout because it waits after a password prompt. It works fine when using Ansible without mitogen.

@dw dw added the user-reported label Dec 10, 2018
@dw
Copy link
Member

@dw dw commented Jan 19, 2019

Thanks for reporting this, and apologies for the crazy delay replying. Mitogen should already support --ask-become-pass, so if you are seeing it hang at a prompt, that is a bug. Most likely sudo is producing some prompt that Mitogen does not recognize yet.

Would it be possible to include an excerpt from the failing run with '-vvv' enabled. The interesting lines look something like this:

[pid 19426] 08:04:05.106230 D mitogen.ctx.ssh.localhost: mitogen: hybrid_tty_create_child() pid=19599 stdio=18, tty=17, cmd: sudo -u root -H -- /usr/bin/python -c "import codecs,os,sys;_=codecs.decode;exec(_(_(\"eNqFkDFPwzAQhefmV2Q7W7Vauy0DkSyBOiAGhBQhOkCFktoBi9S2nLSm/HquKVKTMrDdp/fu3unlbCVdM/HGa0KTwGKPTJUiVC58EpolI5zVzs8IZ4Jzeuac9SmgKk68qV2jSd6H0IdVHyICBjYHjK+LFlO3qZQpqCJEYyEtrOpE/aU3u7Yoa93J010TpqWxU39oP5wF/HN0YRvLbnGvQ2Ocfcnm6y5W270JyHCb3z1zWMvh2smDWJOhwIY4BrI1rXvXNlPbeKNrZepMXF8tOAWa4I0YTKuJYPBw//TIOX+1gNkbp7BimizlGzmWrJzXFquFUAKdBF0oIhbzmaAMvo3HS5WXZ9+KQSzh2HvlfwOW3Xzq8sId/3P//VIMvvwBK0ur4Q==\".encode(),\"base64\"),\"zip\"))"
[pid 19426] 08:04:05.106417 D mitogen.ctx.ssh.localhost: mitogen: mitogen.sudo.Stream(u'local.19599').connect(): stdin=18, stdout=19, diag=17
[pid 19426] 08:04:05.110387 D mitogen.ctx.ssh.localhost: mitogen.sudo: mitogen.sudo.Stream(u'local.19599'): received '[sudo] password for dmw: '
[pid 19426] 08:04:05.110632 D mitogen.ctx.ssh.localhost: mitogen.sudo: mitogen.sudo.Stream(u'local.19599'): received '\n'
[pid 19426] 08:04:07.122505 D mitogen.ctx.ssh.localhost: mitogen.sudo: mitogen.sudo.Stream(u'local.19599'): received 'Sorry, try again.\n'
[pid 19426] 08:04:07.123098 D mitogen.ctx.ssh.localhost: mitogen.sudo: mitogen.sudo.Stream(u'local.19599'): received '[sudo] password for dmw: '
[pid 19426] 08:04:07.123537 D mitogen.ctx.ssh.localhost: mitogen: mitogen.sudo.Stream(u'local.19599').on_disconnect()

If you search for the last occurrence of "mitogen.sudo" in the log you should be able to find it.

@killua-eu
Copy link

@killua-eu killua-eu commented Jan 21, 2019

Hope this helps :)

TASK [mage-lxd : Ensure to have packaged lxd purged on localhost] ***********************************************************
task path: /home/killua/ansible/common/roles/mage-lxd/tasks/lxd-local.yml:9
[pid 31538] 18:58:49.835219 D mitogen: unix.connect(path='/tmp/mitogen_unix_RHAYjG')
[pid 31538] 18:58:49.836396 D mitogen: unix.connect(): local ID is 2033, remote is 0
[pid 31184] 18:58:49.875348 D mitogen: mitogen.parent.Stream(u'default').connect()
[pid 31184] 18:58:49.895409 D mitogen: create_child() child 31541 fd 62, parent 31184, cmd: /usr/bin/python2 -c "import codecs,os,sys;_=codecs.decode;exec(_(_(\"eNqFkEFLw0AQhc/Nr8htdunS7rZKNbCg9CAeRAhiDlokaTa6NN1dNknT+uudpkKTevA2H/Nm3uPFLJG2mjjtFKGBZ22PdBEiFNZvCI2CEc5542aEM8E5PXPM+uRxK068Lm2lSNwH34ekDy0CGlYHtC/TGl23oZQh5KlvtYEwNXm3VHu1buo0K1W3njaVn2baTN2h/rIGMOfoQjaW3eFO+Upb8xbNV52tMjvtkeE+fnjlsJLDs5MGsSTDBRviGMhW1/ZTmWijy7JJ7/auup1f82guxM0VBRrgo9brWhHB4Onx5Zlz/m4AA6xtjj3TYCk/yLHp3DplsF/wGdCJV2lOxGwhFpTBt3b4qXDyrEsYtBkcyy/cr8Gym0+FXqjb/9R/U4pByh92d61C\".encode(),\"base64\"),\"zip\"))"
[pid 31184] 18:58:49.896512 D mitogen: mitogen.parent.Stream(u'local.31541').connect(): child process stdin/stdout=62
[pid 31184] 18:58:49.925516 D mitogen: mitogen.parent.Stream(u'local.31541')._ec0_received()
[pid 31184] 18:58:49.943091 D mitogen: CallChain(Context(2034, u'local.31541')).call_async(): ansible_mitogen.target.init_child(candidate_temp_dirs=[u'~/.ansible/tmp', u'/var/tmp', u'/tmp'], log_level=10)
[pid 31184] 18:58:49.943546 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.release')
[pid 31184] 18:58:49.944409 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible')
[pid 31184] 18:58:49.944715 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils')
[pid 31184] 18:58:49.945016 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils._text')
[pid 31184] 18:58:49.945236 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.common')
[pid 31184] 18:58:49.945448 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.common._collections_compat')
[pid 31184] 18:58:49.945665 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.common.file')
[pid 31184] 18:58:49.945872 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.common.process')
[pid 31184] 18:58:49.946075 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.parsing')
[pid 31184] 18:58:49.946271 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.parsing.convert_bool')
[pid 31184] 18:58:49.946473 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.pycompat24')
[pid 31184] 18:58:49.946675 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.six')
[pid 31184] 18:58:49.946896 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.basic')
[pid 31184] 18:58:49.947231 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible.module_utils.json_utils')
[pid 31184] 18:58:49.947742 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible_mitogen')
[pid 31184] 18:58:49.948002 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible_mitogen.target')
[pid 31184] 18:58:49.948246 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'mitogen.compat')
[pid 31184] 18:58:49.948445 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'mitogen.compat.functools')
[pid 31184] 18:58:49.948647 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'mitogen.fork')
[pid 31184] 18:58:49.948852 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'mitogen.parent')
[pid 31184] 18:58:49.949068 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'mitogen.select')
[pid 31184] 18:58:49.949307 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'mitogen.service')
[pid 31184] 18:58:49.949514 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'ansible_mitogen.runner')
[pid 31184] 18:58:49.987645 D mitogen.ctx.local.31541: mitogen: Importer(): 'encodings.ascii' is submodule of a package we did not load
[pid 31184] 18:58:49.998106 D mitogen.ctx.local.31541: mitogen: Importer(): 'json.decoder' is submodule of a package we did not load
[pid 31184] 18:58:49.998474 D mitogen.ctx.local.31541: mitogen: Importer(): 'json.re' is submodule of a package we did not load
[pid 31184] 18:58:49.998811 D mitogen.ctx.local.31541: mitogen: Importer(): 'json.sys' is submodule of a package we did not load
[pid 31184] 18:58:49.999429 D mitogen.ctx.local.31541: mitogen: Importer(): 'json.struct' is submodule of a package we did not load
[pid 31184] 18:58:49.999689 D mitogen.ctx.local.31541: mitogen: Importer(): 'json.json' is submodule of a package we did not load
[pid 31184] 18:58:49.999887 D mitogen.ctx.local.31541: mitogen: Importer(): 'json.scanner' is submodule of a package we did not load
[pid 31184] 18:58:50.000106 D mitogen.ctx.local.31541: mitogen: Importer(): 'json._json' is submodule of a package we did not load
[pid 31184] 18:58:50.000286 D mitogen.ctx.local.31541: mitogen: Importer(): 'json.encoder' is submodule of a package we did not load
[pid 31184] 18:58:50.007861 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.logging'
[pid 31184] 18:58:50.008140 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.os'
[pid 31184] 18:58:50.009802 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.random'
[pid 31184] 18:58:50.010844 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.sys'
[pid 31184] 18:58:50.011573 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.threading'
[pid 31184] 18:58:50.012401 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.traceback'
[pid 31184] 18:58:50.013179 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.mitogen'
[pid 31184] 18:58:50.021363 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.codecs'
[pid 31184] 18:58:50.022010 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.errno'
[pid 31184] 18:58:50.031495 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.fcntl'
[pid 31184] 18:58:50.034467 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.getpass'
[pid 31184] 18:58:50.041296 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.inspect'
[pid 31184] 18:58:50.045456 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.signal'
[pid 31184] 18:58:50.045711 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.socket'
[pid 31184] 18:58:50.046094 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.subprocess'
[pid 31184] 18:58:50.046281 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.termios'
[pid 31184] 18:58:50.046420 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.textwrap'
[pid 31184] 18:58:50.046551 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.time'
[pid 31184] 18:58:50.046679 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.zlib'
[pid 31184] 18:58:50.046801 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.cStringIO'
[pid 31184] 18:58:50.046923 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.functools'
[pid 31184] 18:58:50.048290 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.compat.threading'
[pid 31184] 18:58:50.053929 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.grp'
[pid 31184] 18:58:50.054134 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.pprint'
[pid 31184] 18:58:50.055407 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.pwd'
[pid 31184] 18:58:50.055634 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.stat'
[pid 31184] 18:58:50.056684 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'ansible.module_utils.json'
[pid 31184] 18:58:50.067997 D mitogen.ctx.local.31541: mitogen: Importer(): 'ctypes.os' is submodule of a package we did not load
[pid 31184] 18:58:50.068981 D mitogen.ctx.local.31541: mitogen: Importer(): 'ctypes.sys' is submodule of a package we did not load
[pid 31184] 18:58:50.069196 D mitogen.ctx.local.31541: mitogen: Importer(): 'ctypes._ctypes' is submodule of a package we did not load
[pid 31184] 18:58:50.069346 D mitogen.ctx.local.31541: mitogen: Importer(): 'ctypes.struct' is submodule of a package we did not load
[pid 31184] 18:58:50.069485 D mitogen.ctx.local.31541: mitogen: Importer(): 'ctypes.ctypes' is submodule of a package we did not load
[pid 31184] 18:58:50.069639 D mitogen.ctx.local.31541: mitogen: Importer(): 'ctypes._endian' is submodule of a package we did not load
[pid 31184] 18:58:50.117006 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'ansible.module_utils.codecs'
[pid 31184] 18:58:50.117330 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'ansible.module_utils.ansible'
[pid 31184] 18:58:50.119516 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'ansible.module_utils.sys'
[pid 31184] 18:58:50.119823 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'ansible.module_utils.ast'
[pid 31184] 18:58:50.120298 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'ansible.module_utils.six.moves'
[pid 31184] 18:58:50.122626 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'ansible.module_utils.parsing.ansible'
[pid 31184] 18:58:50.130706 D mitogen.ctx.local.31541: ansible_mitogen.runner: EnvironmentFileWatcher(u'/home/killua/.pam_environment') installed; existing keys: []
[pid 31184] 18:58:50.132232 D mitogen.ctx.local.31541: ansible_mitogen.runner: EnvironmentFileWatcher(u'/etc/environment') installed; existing keys: [u'LANG']
[pid 31184] 18:58:50.133142 D mitogen.ctx.local.31541: mitogen: replaced Poller(0x7f1c84cc6e50) with EpollPoller(0x7f1c83224890) (new: 4 readers, 0 writers; old: 4 readers, 0 writers)
[pid 31184] 18:58:50.133461 D mitogen.ctx.local.31541: mitogen: Router(Broker(0x7f1c84cc6d10)).upgrade()
[pid 31184] 18:58:50.133843 D mitogen: IdAllocator(Router(Broker(0x7f3dc1184c90))): allocating [2035..3035)
[pid 31184] 18:58:50.134170 D mitogen: IdAllocator(Router(Broker(0x7f3dc1184c90))): allocating [2035..3035) to Context(2034, u'local.31541')
[pid 31184] 18:58:50.142877 D mitogen.ctx.local.31541: mitogen: mitogen.fork.Stream(u'default').connect()
[pid 31184] 18:58:50.143368 D mitogen.ctx.local.31541: mitogen: mitogen.fork.Stream(u'fork.31550').connect(): child process stdin/stdout=16
[pid 31184] 18:58:50.143720 D mitogen: Adding route to 2035 via mitogen.parent.Stream(u'local.31541')
[pid 31184] 18:58:50.143922 D mitogen: Router(Broker(0x7f3dc1184c90)).add_route(2035, mitogen.parent.Stream(u'local.31541'))
[pid 31184] 18:58:50.144446 D mitogen.ctx.local.31541: ansible_mitogen.target: Selected temp directory: u'/home/killua/.ansible/tmp' (from [u'/home/killua/.ansible/tmp', u'/var/tmp', u'/tmp', '/tmp', '/var/tmp', '/usr/tmp', '/home/killua/ansible/prod'])
[pid 31184] 18:58:50.145305 D mitogen.ctx.fork.31550: mitogen: register(Context(2034, 'parent'), mitogen.core.Stream('parent'))
[pid 31184] 18:58:50.145857 D mitogen.ctx.fork.31550: mitogen: Connected to Context(2034, 'parent'); my ID is 2035, PID is 31550
[pid 31184] 18:58:50.146297 D mitogen.ctx.fork.31550: mitogen: Recovered sys.executable: '/usr/bin/python2'
[pid 31184] 18:58:50.149883 D mitogen: CallChain(Context(2034, u'local.31541')).call_async(): mitogen.parent._proxy_connect(method_name=u'sudo', name=None, kwargs=Kwargs({u'username': u'root', u'profiling': False, u'sudo_path': None, u'python_path': [u'/usr/bin/python2'], 'unidirectional': True, u'debug': False, u'password': None, u'sudo_args': [u'-H', u'-S', u'-n'], u'connect_timeout': 10}))
[pid 31184] 18:58:50.151137 D mitogen: ModuleResponder(Router(Broker(0x7f3dc1184c90)))._on_get_module('mitogen.sudo')
[pid 31184] 18:58:50.151513 D mitogen: _send_load_module(mitogen.parent.Stream(u'local.31541'), u'mitogen.sudo')
[pid 31184] 18:58:50.154746 D mitogen.ctx.local.31541: mitogen: Importer(): master doesn't know 'mitogen.optparse'
[pid 31184] 18:58:50.170190 D mitogen.ctx.local.31541: mitogen: mitogen.sudo.Stream(u'default').connect()
[pid 31184] 18:58:50.191660 D mitogen.ctx.local.31541: mitogen: Importer(): 'encodings.base64_codec' is submodule of a package we did not load
[pid 31184] 18:58:50.198958 D mitogen.ctx.local.31541: mitogen: Importer(): 'encodings.base64' is submodule of a package we did not load
[pid 31184] 18:58:50.200646 D mitogen.ctx.local.31541: mitogen.sudo: sudo command line: ['sudo', '-u', u'root', '-H', u'/usr/bin/python2', '-c', u'import codecs,os,sys;_=codecs.decode;exec(_(_("eNqFkEFLw0AQhc/Nr8htdunS7jYWaWBB6UE8iBDEHrRI0mx0abq7bJKm9dc7TYUm9eBtPubNvMdL2EraauK0U4QGnrU90kWIUFi/JTQORjjnjZsRzgTn9MIJ65PHrTjzprSVIkkffB9WfWgR0LA6on2Z1ui6C6UMIU99qw2Eqcm7pTqoTVOnWam69bSp/DTTZuqO9Zc1gDlHV7Kx7A73ylfamrc4Wne2yuy1R4b75OGVw1oOz84axJIMF2yIYyA7XdtPZeKtLssmvTu4ahHNeRyJ+Y2gQAN81HpdKyIYPD2+PHPO3w1ggI3NsWcaLOUHOTWdW6cM9gs+AzrxKs2JmN1GC8rgWzv8VDh50a0YtBmcyi/cr8Gym8+FXqnb/9R/U4pByh92NK1D".encode(),"base64"),"zip"))']
[pid 31184] 18:58:50.209921 D mitogen.ctx.local.31541: mitogen: hybrid_tty_create_child() pid=31552 stdio=18, tty=17, cmd: sudo -u root -H /usr/bin/python2 -c "import codecs,os,sys;_=codecs.decode;exec(_(_(\"eNqFkEFLw0AQhc/Nr8htdunS7jYWaWBB6UE8iBDEHrRI0mx0abq7bJKm9dc7TYUm9eBtPubNvMdL2EraauK0U4QGnrU90kWIUFi/JTQORjjnjZsRzgTn9MIJ65PHrTjzprSVIkkffB9WfWgR0LA6on2Z1ui6C6UMIU99qw2Eqcm7pTqoTVOnWam69bSp/DTTZuqO9Zc1gDlHV7Kx7A73ylfamrc4Wne2yuy1R4b75OGVw1oOz84axJIMF2yIYyA7XdtPZeKtLssmvTu4ahHNeRyJ+Y2gQAN81HpdKyIYPD2+PHPO3w1ggI3NsWcaLOUHOTWdW6cM9gs+AzrxKs2JmN1GC8rgWzv8VDh50a0YtBmcyi/cr8Gym8+FXqnb/9R/U4pByh92NK1D\".encode(),\"base64\"),\"zip\"))"
[pid 31184] 18:58:50.213049 D mitogen.ctx.local.31541: mitogen: mitogen.sudo.Stream(u'local.31552').connect(): child process stdin/stdout=18
[pid 31184] 18:58:50.221723 D mitogen.ctx.local.31541: mitogen.sudo: mitogen.sudo.Stream(u'local.31552'): received '[sudo] password for killua: '
[pid 31184] 18:58:50.222477 D mitogen.ctx.local.31541: mitogen: mitogen.sudo.Stream(u'local.31552'): child process still alive, sending SIGTERM
[pid 31538] 18:58:50.225198 D mitogen: mitogen.core.Stream(u'unix_listener.31184').on_disconnect()
[pid 31184] 18:58:50.225767 D mitogen: mitogen.core.Stream(u'unix_client.31538').on_disconnect()
[pid 31538] 18:58:50.225757 D mitogen: Waker(Broker(0x7f3dc07c5f90) rfd=10, wfd=12).on_disconnect()
fatal: [kai02]: FAILED! => {
    "msg": "error occurred on host xps9350: sudo password is required"
}
	to retry, use: --limit @/home/killua/.ansible/retry-files/prod_kai02.retry

The failing task is here: https://github.com/vaizard/mage-lxd/blob/master/tasks/lxd-local.yml#L9 ... role is run with -b -K switches.

@dw
Copy link
Member

@dw dw commented Jan 22, 2019

Hey @killua-eu, would it be possible for you to confirm this problem still exists as of current master? It sounds like this is fixed literally today/last night, but I'm not 100%

On master there is also a new "mitogen_get_stack" action module available automatically, it gives you a dump of the parameters the extension thinks the user provided. If it is still broken, and the password is missing from there, it's another bug in the extension.

Thanks again for your help diagnosing this!

@dw dw added bug ansible labels Jan 22, 2019
@ohmer1
Copy link
Author

@ohmer1 ohmer1 commented Jan 22, 2019

Hi,

Still doesn't work from master:

[pid 28244] 10:14:45.880364 D mitogen.ctx.ssh.server.example.com: mitogen.sudo: mitogen.sudo.Stream(u'local.28915'): received '[sudo] Mot de passe de (myuser)\xc2\xa0: '
[pid 28244] 10:14:55.860413 D mitogen.ctx.ssh.server.example.com: mitogen: mitogen.sudo.Stream(u'local.28915').on_disconnect()
[pid 28244] 10:14:55.860749 D mitogen.ctx.ssh.server.example.com: mitogen: mitogen.parent.DiagLogStream(fd=17, u'local.28915').on_disconnect()
[pid 28244] 10:14:55.861181 D mitogen.ctx.ssh.server.example.com: mitogen: mitogen.sudo.Stream(u'local.28915'): child process still alive, sending SIGTERM

My server is using french locale, maybe this is why you don't detect the prompt?

@ohmer1
Copy link
Author

@ohmer1 ohmer1 commented Jan 22, 2019

$ ANSIBLE_STRATEGY=mitogen_linear ansible -m mitogen_get_stack -b -k server.example.com
SSH password: 
SUDO password[defaults to SSH password]: 
server.example.com | CHANGED => {
    "changed": true, 
    "result": [
        {
            "kwargs": {
                "check_host_keys": "enforce", 
                "connect_timeout": 10, 
                "hostname": "server.example.com", 
                "identities_only": false, 
                "identity_file": null, 
                "password": "***********", 
                "port": null, 
                "python_path": null, 
                "ssh_args": [
                    "-C", 
                    "-o", 
                    "ControlMaster=auto", 
                    "-o", 
                    "ControlPersist=60s", 
                    "-o", 
                    "ForwardAgent=yes"
                ], 
                "ssh_debug_level": null, 
                "ssh_path": "ssh", 
                "username": null
            }, 
            "method": "ssh"
        }, 
        {
            "enable_lru": true, 
            "kwargs": {
                "connect_timeout": 10, 
                "password": "***********", 
                "python_path": null, 
                "sudo_args": [
                    "-H", 
                    "-S", 
                    "-n", 
                    "-H", 
                    "-S", 
                    "-n", 
                    "-E"
                ], 
                "sudo_path": null, 
                "username": "root"
            }, 
            "method": "sudo"
        }
    ]
}

Password have been manually replaced with "******"

@dw
Copy link
Member

@dw dw commented Jan 22, 2019

This helps a lot! Yes, there is not support for i18n strings yet, but it is a simple fix.

Thanks, this should be a relatively easy job now.

@killua-eu
Copy link

@killua-eu killua-eu commented Jan 22, 2019

Hey @dw , my issue is resolved with current master 🎆.

While testing this, I noticed one more thing which might probably go into a new issue, nonetheless its somewhat related, so I'll paste it here. While testing master, for some reason the ssh agent didn't unlock my ssh key file. Using mitogen, the emitted error is not very helpful

TASK [Gathering Facts] ******************************************************************************************************
fatal: [kai02]: UNREACHABLE! => {"changed": false, "msg": "SSH authentication is incorrect", "unreachable": true}

vanilla ansible does this in the same situation:

TASK [Gathering Facts] ******************************************************************************************************
Enter passphrase for key '/home/killua/.ssh/id_ed25519': 
fatal: [kai02]: FAILED! => {"msg": "Timeout (12s) waiting for privilege escalation prompt: "}

Users unfamiliar with the slightly different behaviour of mitogen might need a bit of time to figure the essence of the problem.

@dw
Copy link
Member

@dw dw commented Jan 22, 2019

I think that's a variant of https://github.com/dw/mitogen/issues/335 -- we must handle both ssh-agent prompt and SSH-internal prompt. It might be the same code, or almost the same code, unsure.

It hasn't been done basically because nobody has complained loudly about it :) I'll push it up the list.

@killua-eu
Copy link

@killua-eu killua-eu commented Jan 22, 2019

Well, it's not a big one, but it's something that forces you to think according the lines of "if something doesn't work, first try disabling mitogen". There have been less and less situations like this for me recently, so actually thanks lots for taking care, you really make ansible way more usable :) As my experiences with mitogen go sofar, the resolved sudo problems and the #335 would make the library feel production ready to me 🎉

@dw
Copy link
Member

@dw dw commented Jan 29, 2019

@killua-eu your points are very valid. The trouble with something with so many knobs Ansible and one pair of hands is that it takes time :)

I'll bump the interactive password/host keys prompt up the list, otherwise i18n sudo prompt support is on master now, and #494 is opened to track i18nification of the other connection methods

Thanks for reporting this!

@dw dw closed this Jan 29, 2019
dw added a commit that referenced this issue Jan 29, 2019
dw added a commit that referenced this issue Jan 29, 2019
dw added a commit that referenced this issue Jan 29, 2019
dw added a commit that referenced this issue Jan 29, 2019
* commit 'fe74577':
  Use develop mode in tox
  issue #429: fix sudo regression.
  misc: rename to scripts. tab completion!!
  core: Latch._wake improvements
  issue #498: prevent crash on double 'disconnect' signal.
  issue #413: don't double-propagate DEL_ROUTE to parent.
  issue #498: wrap Router dict mutations in a lock
  issue #429: enable en_US locale to unbreak debops test.
  issue #499: fix another mind-numbingly stupid vanilla inconsistency
  issue #497: do our best to cope with crap upstream code
  ssh: fix test to match updated log format.
  issue #429: update Changelog.
  issue #429: update Changelog.
  issue #429: teach sudo about every know i18n password string.
  issue #429: install i18n-related bits in test images.
  ssh: tidy up logs and stream names.
  tests: ensure file is closed in connection_test.
  gcloud: small updates
  tests: give ansible/gcloud/ its own requirements file.
dw added a commit that referenced this issue Feb 10, 2019
* origin/master: (661 commits)
  Bump version for release.
  docs: update Changelog; closes #481
  issue #481: core: preserve stderr TTY FD if one is present.
  issue #481: avoid crash if disconnect occurs during forward_modules()
  Add a few more important modules to preamble_size.py.
  .ci: add verbiage for run_batches() too.
  .ci: add README.md.
  docs: update thanks
  docs: lose "approaching stability" language, we're pretty good now
  docs: fix changelog syntax/order/"20KB"
  tests: add new compression parameter to mitogen_get_stack results
  tests: disable affinity_test on Travis :/
  issue #508: fix responder stats test due to new smaller parent.py.
  issue #508: tests: skip minify_test Py2.4/2.5 for profiler.py.
  tests: fix fallout from 36fb318
  issue #520: add AIX auth failure string to su.
  tests: move affinity_test to Ansible tests.
  core: cProfile is not available in 2.4.
  issue #505: docs: add new detail graph for one scenario.
  docs: update and re-record profile graphs in docs; closes #505
  service: fix PushFileService exception
  tests: pad out localhost-*
  service: start pool shutdown on broker shutdown.
  master: .encode() needed for Py3.
  ansible: stash PID files in CWD if requested for debugging.
  issue #508: master: minify_safe_re must be bytes for Py3.
  bench: tidy up and cpu-pin some more files.
  tests: add localhost-x100
  ansible: double the default pool size.
  ansible: raise error with correct exception type.
  issue #508: master: minify all Mitogen/ansible_mitogen sources.
  parent: PartialZlib docstrings.
  ansible: hacky parser to alow bools to be specified on command line
  parent: pre-cache bootstrap if possible.
  docs: update Changelog.
  ansible: add mitogen_ssh_compression variable.
  service: PushFileService never recorded a file as sent.
  parent: synchronize get_core_source()
  service: use correct profile aggregation name.
  SyntaxError.
  ansible: don't pin controller if <4 cores.
  tests: make soak testing work reliably on vanilla.
  docs: changelog tidyups.
  ansible: document and make affinity stuff portable to non-Linux
  ansible: fix affinity.py test failure on 2 cores.
  ansible: preheat PluginLoader caches before fork.
  tests: make mitogen_shutdown_all be run_once by default.
  docs: update Changelog.
  ansible: use Poller for WorkerProcess; closes #491.
  ansible: new multiplexer/workers configuration
  docs: update Changelog.
  docs: update Changelog.
  ansible: pin connection multiplexer to a single core
  utils: pad out reset_affinity() and integrate with detach_popen()
  utils: import reset_affinity() function.
  master: set Router.profiling if MITOGEN_PROFILING variable present.
  parent: don't kill children when profiling is active.
  ansible: hook strategy and worker processes into profiler
  profiler: import from linear2 branch
  core: tidy up existing profiling code and support MITOGEN_PROFILE_FMT
  issue #260: redundant if statement.
  ansible: ensure MuxProcess MITOGEN_PROFILING results reach disk.
  ansible/bench: make end= configurable.
  master: cache sent/forwarded module names
  Aggregate code coverage data across tox all runs
  Allow independant control of coverage erase and reporting
  Fix incorrect attempt to use coverage
  docs: update Changelog; closes #527.
  issue #527: catch new-style module tracebacks like vanilla.
  Fix DeprecationWarning in mitogen.utils.run_with_router()
  Generate coverage report even if some tests fail
  ci: fix incorrect partition/rpartition from 8a4caea
  issue #260: hide force-disconnect messages.
  issue #498: fix shutdown crash
  issue #260: avoid start_transmit()/on_transmit()/stop_transmit()
  core: ensure broker profiling output reaches disk
  master: keep is_stdlib_path() result as negative cache entry
  ci: Allow DISTROS="debian*32" variable, and KEEP=1
  Use develop mode in tox
  issue #429: fix sudo regression.
  misc: rename to scripts. tab completion!!
  core: Latch._wake improvements
  issue #498: prevent crash on double 'disconnect' signal.
  issue #413: don't double-propagate DEL_ROUTE to parent.
  issue #498: wrap Router dict mutations in a lock
  issue #429: enable en_US locale to unbreak debops test.
  issue #499: fix another mind-numbingly stupid vanilla inconsistency
  issue #497: do our best to cope with crap upstream code
  ssh: fix test to match updated log format.
  issue #429: update Changelog.
  issue #429: update Changelog.
  issue #429: teach sudo about every know i18n password string.
  issue #429: install i18n-related bits in test images.
  ssh: tidy up logs and stream names.
  tests: ensure file is closed in connection_test.
  gcloud: small updates
  tests: give ansible/gcloud/ its own requirements file.
  issue #499: another totally moronic implementation difference
  issue #499: disable new test on vanilla.
  docs: update Changelog; closes #499.
  ...
dw added a commit that referenced this issue Feb 10, 2019
* origin/v024: (662 commits)
  docs: update Changelog release date.
  Bump version for release.
  docs: update Changelog; closes #481
  issue #481: core: preserve stderr TTY FD if one is present.
  issue #481: avoid crash if disconnect occurs during forward_modules()
  Add a few more important modules to preamble_size.py.
  .ci: add verbiage for run_batches() too.
  .ci: add README.md.
  docs: update thanks
  docs: lose "approaching stability" language, we're pretty good now
  docs: fix changelog syntax/order/"20KB"
  tests: add new compression parameter to mitogen_get_stack results
  tests: disable affinity_test on Travis :/
  issue #508: fix responder stats test due to new smaller parent.py.
  issue #508: tests: skip minify_test Py2.4/2.5 for profiler.py.
  tests: fix fallout from 36fb318
  issue #520: add AIX auth failure string to su.
  tests: move affinity_test to Ansible tests.
  core: cProfile is not available in 2.4.
  issue #505: docs: add new detail graph for one scenario.
  docs: update and re-record profile graphs in docs; closes #505
  service: fix PushFileService exception
  tests: pad out localhost-*
  service: start pool shutdown on broker shutdown.
  master: .encode() needed for Py3.
  ansible: stash PID files in CWD if requested for debugging.
  issue #508: master: minify_safe_re must be bytes for Py3.
  bench: tidy up and cpu-pin some more files.
  tests: add localhost-x100
  ansible: double the default pool size.
  ansible: raise error with correct exception type.
  issue #508: master: minify all Mitogen/ansible_mitogen sources.
  parent: PartialZlib docstrings.
  ansible: hacky parser to alow bools to be specified on command line
  parent: pre-cache bootstrap if possible.
  docs: update Changelog.
  ansible: add mitogen_ssh_compression variable.
  service: PushFileService never recorded a file as sent.
  parent: synchronize get_core_source()
  service: use correct profile aggregation name.
  SyntaxError.
  ansible: don't pin controller if <4 cores.
  tests: make soak testing work reliably on vanilla.
  docs: changelog tidyups.
  ansible: document and make affinity stuff portable to non-Linux
  ansible: fix affinity.py test failure on 2 cores.
  ansible: preheat PluginLoader caches before fork.
  tests: make mitogen_shutdown_all be run_once by default.
  docs: update Changelog.
  ansible: use Poller for WorkerProcess; closes #491.
  ansible: new multiplexer/workers configuration
  docs: update Changelog.
  docs: update Changelog.
  ansible: pin connection multiplexer to a single core
  utils: pad out reset_affinity() and integrate with detach_popen()
  utils: import reset_affinity() function.
  master: set Router.profiling if MITOGEN_PROFILING variable present.
  parent: don't kill children when profiling is active.
  ansible: hook strategy and worker processes into profiler
  profiler: import from linear2 branch
  core: tidy up existing profiling code and support MITOGEN_PROFILE_FMT
  issue #260: redundant if statement.
  ansible: ensure MuxProcess MITOGEN_PROFILING results reach disk.
  ansible/bench: make end= configurable.
  master: cache sent/forwarded module names
  Aggregate code coverage data across tox all runs
  Allow independant control of coverage erase and reporting
  Fix incorrect attempt to use coverage
  docs: update Changelog; closes #527.
  issue #527: catch new-style module tracebacks like vanilla.
  Fix DeprecationWarning in mitogen.utils.run_with_router()
  Generate coverage report even if some tests fail
  ci: fix incorrect partition/rpartition from 8a4caea
  issue #260: hide force-disconnect messages.
  issue #498: fix shutdown crash
  issue #260: avoid start_transmit()/on_transmit()/stop_transmit()
  core: ensure broker profiling output reaches disk
  master: keep is_stdlib_path() result as negative cache entry
  ci: Allow DISTROS="debian*32" variable, and KEEP=1
  Use develop mode in tox
  issue #429: fix sudo regression.
  misc: rename to scripts. tab completion!!
  core: Latch._wake improvements
  issue #498: prevent crash on double 'disconnect' signal.
  issue #413: don't double-propagate DEL_ROUTE to parent.
  issue #498: wrap Router dict mutations in a lock
  issue #429: enable en_US locale to unbreak debops test.
  issue #499: fix another mind-numbingly stupid vanilla inconsistency
  issue #497: do our best to cope with crap upstream code
  ssh: fix test to match updated log format.
  issue #429: update Changelog.
  issue #429: update Changelog.
  issue #429: teach sudo about every know i18n password string.
  issue #429: install i18n-related bits in test images.
  ssh: tidy up logs and stream names.
  tests: ensure file is closed in connection_test.
  gcloud: small updates
  tests: give ansible/gcloud/ its own requirements file.
  issue #499: another totally moronic implementation difference
  issue #499: disable new test on vanilla.
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants