8d9b53b445
Merge pull request #4733 from sivel/4323-sudo-pass
...
Add ansible_sudo_pass hostvar support. Fixes #4323
2013-11-05 15:01:19 -08:00
c1ed47933b
Fixes #4485 add an ipv6 parameter to accelerate so that the daemon will bind to an ipv6 port instead of ipv4
2013-11-04 17:20:03 -05:00
ea2ec6237a
Add ansible_sudo_pass hostvar support
2013-10-30 13:18:35 -05:00
b9dd514713
Minor fix for putting 0-length files over accelerated connections
...
Fixes #4652
2013-10-23 13:09:25 -07:00
65178290e7
Merge branch 'devel' of git://github.com/nextus/ansible into devel
...
Conflicts:
lib/ansible/constants.py
2013-10-07 08:39:23 -04:00
d21714a37f
Fix for network byte order issues in accelerate
2013-10-02 15:37:15 -05:00
fa80a17aa3
Make recv_data less greedy so it doesn't eat other packets
2013-10-01 16:50:32 -05:00
12f6957596
Cleaning up some vvvv log messages in accelerate
2013-10-01 15:34:58 -05:00
8c17711247
Removing accelerate_timeout as a playbook option
...
This will remain in ansible.cfg only.
2013-10-01 15:33:18 -05:00
d317103371
Added in an accelerate connection timeout setting
2013-10-01 15:28:59 -05:00
59a5ce23d9
Adding an accelerate_timeout parameter for plays
...
This setting makes the timeout for each play configurable, rather than
hard-coding it at 300 seconds (now the default if left unspecified)
Fixes #4162
2013-10-01 15:26:50 -05:00
f9c87868ac
Added keepalive packets to accelerate mode
...
Commands will now be started up in a separate task from the main
handler thread, so that it can be monitored for completeness while
sending a keepalive packet back to the controller to avoid a socket
receive timeout.
2013-10-01 15:19:21 -05:00
52a42bf607
Add more verbose debugging options for accelerate
2013-09-30 14:08:07 -05:00
478c400817
Minor pep8 cleanup in the new jail connection plugin
2013-09-25 14:48:30 -05:00
0e0595bdb2
Merge branch 'jail' of https://github.com/mscherer/ansible into mscherer-jail
2013-09-25 14:47:24 -05:00
70a9a797fa
Fix for accelerate when ansible_ssh_user is specified
2013-09-25 19:24:54 +05:30
ca96d74572
#4227 in upstream repo
2013-09-25 16:15:49 +04:00
c840cbaad9
Merge branch 'fork_fixes' of https://github.com/akerl/ansible into akerl-fork_fixes
2013-09-19 10:37:45 -05:00
d5b96abd80
Added support for -vvvv to enable ssh connection debugging
...
This patch also checks specifically for a return code of 255, which
indicates an unknown SSH error of some kind. When that happens, ansible
will now recommend running with -vvvv (if not enabled) or show the
output from 'ssh -vvv' (when it is enabled)
2013-09-19 05:58:54 -05:00
5b1b831cc7
Make ssh's ControlPath configurable via ansible.cfg
...
This shouldn't generally be needed unless you're working in an environment
that uses rediculously long FQDNs; if the name is too long, you wind up
hitting unix domain socket filepath limits enforced by ssh.
2013-09-18 15:07:07 -04:00
98bf473cb2
fixes for PTY handling
2013-09-16 17:44:32 -04:00
3848e02959
Merge branch 'issue4022' of https://github.com/sfromm/ansible into sfromm-issue4022
...
Conflicts:
lib/ansible/runner/connection_plugins/accelerate.py
2013-09-16 05:50:35 -05:00
f4b3defcbf
Set sudo in accelerate commands correctly
...
Fixes #4111
2013-09-15 20:20:22 -05:00
5e1828a524
add jail module, based on lxc and chroot connexion plugin
2013-09-15 17:26:48 +02:00
2a47f72139
Merge pull request #4049 from mscherer/fix_no_kerberos
...
Fix no kerberos
2013-09-06 07:10:10 -07:00
f489702973
Also add back gssapi-keyex
...
While this is not currently implemented in openssh as far as I know,
there is patch floating around on the web and this may land one day
upstream.
2013-09-06 10:40:34 +02:00
17c39b94a3
support GSSAPIAuth back
...
GSSAPIAuthentication has not been supported
due to PreferredAuthentications trick ( 2bdba17a85
2013-09-06 10:40:25 +02:00
20b0dc4abd
Check for an empty executable passed into the accelerate plugin
...
This was breaking at least the script module, so it would seem best
to check for it and set it to the default executable value
2013-09-05 15:11:26 -05:00
f6e1bdabea
Ensure ports are set correctly in accelerate module
2013-09-05 09:52:10 -05:00
64db327411
Fix: raise correct error in accelerate mode
2013-09-05 15:10:45 +09:00
d704b55860
Support using paramiko to set up accelerate connection
...
Adds original_transport attribute to Runner to track what the original
transport was before it is changed to 'accelerate'.
If using paramiko in original_transport, uses ParamikoConnection. If
not, falls back to SSHConnection like before.
2013-09-04 13:57:03 -07:00
fff497a1ae
Make sure the accelerated port is set to a sane value
2013-09-04 15:52:39 -05:00
cc21e5c90c
Adding hostvars to injected variables in accelerate ssh runner
...
Also some minor cleanup of some fb* variables and functions, which
were remnants of the old fireball2 name
Fixes #4021
2013-09-04 15:29:46 -05:00
c0fecf87d1
Increase default socket timeout to 5 minutes
2013-09-04 09:47:40 -05:00
2696135b3b
Display error during launch of accelerated daemon
...
* also minor tweak to the # of retries in the connection attempt
Fixes #4012
2013-09-03 12:28:32 -05:00
53c2f4c1bb
Fix race condition on creating the temp directory for ControlPersist
...
Fixes #3943
2013-09-03 11:00:33 -05:00
d69d5c294f
Renaming fireball2 as 'accelerate' and removing old references
2013-08-30 13:26:27 -05:00
7d3ae9fc75
Fixing a few bugs related to fireball2
...
* ssh port not being picked up, always uses default of 22
* forgot to 'import time' in the fireball2 connection plugin
2013-08-28 19:27:18 -05:00
af1dd7075f
Adding chunked file transfers to fireball2
2013-08-28 11:14:58 -05:00
959138d00d
Added accelerate_port to plays, and made it configurable
2013-08-28 11:14:58 -05:00
167f185092
Initial support for running gather_facts through fireball2
2013-08-28 11:14:58 -05:00
b45342923c
Initial support for sudoable commands over fireball2
...
Caveats:
* requiretty must be disabled in the sudoers config
* asking for a password doesn't work yet, so any sudoers users must
be configured with NOPASSWD
* if not starting the daemon as root, the user running the daemon
must have sudoers entries to allow them to run the command as the
target sudo_user
2013-08-28 11:14:58 -05:00
4b552457e7
Bail out correctly if socket.recv gets nothing (indicating a closed socket)
2013-08-28 11:14:58 -05:00
86f01965cd
Fireball2 module will now launch in a proper tmp path
2013-08-28 11:14:58 -05:00
521e14a3ad
Fireball2 mode working!
2013-08-28 11:14:58 -05:00
acc5d09351
Initial commit for the "fireball2" connection plugin
...
Still needs:
* chunked file transfer/receive
* should probably move all send/recv operations to separate
functions to reduce code duplication
* initial connection setup over ssh? or do we handle that in runner?
2013-08-28 11:14:58 -05:00
e6ad3b7792
Merge pull request #3895 from mscherer/fix_option_new_ssh
...
make sure ssh do not ask password
2013-08-22 10:26:54 -07:00
6bf5d19506
SSH connection plugin creates ControlPersist socket files in a secure directory
...
Files were being created in /tmp, but will now be created in $HOME/.ansible/cp/
Addresses CVE-2013-4259: ansible uses a socket with predictable filename in /tmp
2013-08-21 11:40:46 -05:00
2bdba17a85
make sure ssh do not ask password
...
For some reason, ssh seems to ask for password even when
PasswordAuthentication is set to no, adding PreferredAuthentications
with the 2 options removed do the trick.
2013-08-20 22:02:37 +02:00
3aac187387
fix ssh connection plugin to work with ipv6 address
...
Due to various inconsistencies of ssh and sftp regarding ipv6 and
ipv4 handling, some special arguments must be passed, and the
ipv6 must be passed in a specific format.
2013-08-19 15:27:20 -05:00
jctanner
Matt Martz
James Cammarata
Michael DeHaan
bennojoy
nextus
Brian Harring
Les Aker
Michael Scherer
Keiichi Mori
guersam
Stephen Fromm