Addresses multiple issues when using su on freebsd including
* su prompt differs between platforms, so turned that check into a
regex comparison instead of a simple string comparison
* not using '-c' after su causes problems, so added that for all
platforms
* fixed quoting issues due to multiple uses of '-c' introduced by
the above fix
Fixes#7503Fixes#7507
If someone add ssh_args = " " to his .ansible.cfg, it will result into
strange failure later :
<server.example.org> ESTABLISH CONNECTION FOR USER: misc
<server.example.org> REMOTE_MODULE ping
<server.example.org> EXEC ['ssh', '-C', '-tt', '-q', ' ', '-o', 'KbdInteractiveAuthentication=no',
'-o', 'PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey', '-o', 'PasswordAuthentication=no',
'-o', 'ConnectTimeout=10', 'server.example.org', "/bin/sh -c 'mkdir -p /tmp/ansible-tmp-1397947711.21-5932460998838
&& chmod a+rx /tmp/ansible-tmp-1397947711.21-5932460998838 && echo /tmp/ansible-tmp-1397947711.21-5932460998838'"]
server.example.org | FAILED => SSH encountered an unknown error during the connection. We recommend you re-run the
command using -vvvv, which will enable SSH debugging output to help diagnose the issue
The root cause is the empty string between -q and -o, who kinda break mkdir.
Enable the use of executable commands that use command line options with
the localhost command runner. These commands require parsing out the
base executable from the command string to pass to subprocess.
Any other module is able to detect a dark host, but raw was treating 255
as a return code from the module execution, rather from the connection
attempt. This change allows 255 to be treated as a connection failure
when using the raw module.
* Added capability to support multiple keys, so clients from different
machines can connect to a single daemon instance
* Any activity on the daemon will cause the timeout to extend, so that the
daemon must be idle for the full number of minutes before it will auto-
shutdown
* Various other small fixes to remove some redundancy
Fixes#5171
Add support for checking host against global known host files.
The effect of this is that before this fix if files are spread across the known_hosts file but not in the ~/known_hosts file the hosts will execute sequentially. This PR augments the functionality so that all of the knowns hosts will execute in parallel.
We break the read while loop after waiting "the end of the process" and
the pipes are empty, otherwise we do another select that waits all the
timeout.
In particular, do not rely on the $USER environment variable always existing.
tmux for example seems to clear it, causing lots of invalid messages:
"previous known host file not found"
This broke in commit 80fd22dc, but instead of reverting that commit, we now
fall back to expanding just ~ when $USER is not set.
Resolves issue #5082
Code as it was would hit a scenario where one of the FDs was not ready for
reading the first time through -- but p.poll() would show the process as
complete. This would cause ansible to continue on, while leaving some content
left in a pipe.
The other scenario -- the one that causes the unclosed quote, is if we go
through select.select() and we do get stdout in the ready for reading -- we
read from it (9000 bytes), but that's not all that is there. Again we'd get to
the p.poll() check and it would be indeed not none, but we would have left some
of stdout on the FD and thus the json blob would be malformed.
Tested with and without full ssh debugging.
Tested with and without ControlPersist
Tested with and without ControlPersist sockets already created
This bit of code is attempting to access accelerate_inventory_host,
which may not have been set/created. This will cause a traceback.
Instead use getattr with a fallback to False.
This plugin permit to use func to run playbook and ansible command instead
of ssh. It can be used for a smooth transition from func/taboot to ansible by
letting people use ansible without having to change their network architecture.
Commands will now be started up in a separate task from the main
handler thread, so that it can be monitored for completeness while
sending a keepalive packet back to the controller to avoid a socket
receive timeout.
This patch also checks specifically for a return code of 255, which
indicates an unknown SSH error of some kind. When that happens, ansible
will now recommend running with -vvvv (if not enabled) or show the
output from 'ssh -vvv' (when it is enabled)
This shouldn't generally be needed unless you're working in an environment
that uses rediculously long FQDNs; if the name is too long, you wind up
hitting unix domain socket filepath limits enforced by ssh.
Adds original_transport attribute to Runner to track what the original
transport was before it is changed to 'accelerate'.
If using paramiko in original_transport, uses ParamikoConnection. If
not, falls back to SSHConnection like before.
Chris Church
Eri Bastos
James Cammarata
Marco Re
Michael Scherer
Aaron Iles
jctanner
BoscoMW
Till Maas
Jesse Keating
Matt Martz
Cristian Ciupitu
brdo
Richard Isaacson
Michael DeHaan
Iordan Iordanov
James Cammarata
Luca Berruti
Heikki Hokkanen
Paul Durivage
jeromew
Michael DeHaan
Matt Haggard
Serge van Ginderachter
bennojoy
nextus
Brian Harring
Les Aker
Keiichi Mori
guersam
Stephen Fromm