Ansible v2.6 become recursion issue #520

diioc · 2019-02-08T13:50:21Z

Hello. I guess i found a bag using a privilege escalation in an ansible playbook. I reduced the playbook to describe a behavior.

- hosts: db2
  remote_user: tester
  become: yes
  gather_facts: no
  ignore_errors: yes
  tasks:

    - command: "whoami"
      become_user: "db2inst1"
      become_method: "su"
      become_flags: "-"
      vars:
        ansible_become_pass: "********"

    - command: "cat /.ssh/authorized_keys"

When I play it I get an error in task "command: "whoami""
error occurred on host DB2TST_N1.vdatacenter.it.ru: EOF on stream; last 300 bytes received: u'3004-501 Cannot su to "db2inst1" : Authentication is denied.\n'
The second task completes normally.
Logs from target:
TASK aix_db2.txt

Ok, I solve the problem replacing "become: yes" to task

- hosts: db2
  remote_user: tester
  gather_facts: no
  ignore_errors: yes
  tasks:

    - command: "whoami"
      become_user: "db2inst1"
      become_method: "su"
      become_flags: "-"
      vars:
        ansible_become_pass: "********"

    - command: "cat /.ssh/authorized_keys"
       become: yes

In this way all works fine. But in real project I have many huge playbooks which 99% consist of task needs "become: yes". And only 1% tasks needs constructions like this
become_user: "db2inst1" become_method: "su" become_flags: "-"

I use mitogen-0.2.3
Host OS: Drwin; Target OS: AIX
Host Python 2.7.15; target Python 2.7.10

# ~/devops/git-devservice/ops/roles/aix_db2/tests/qa/qa1   develop ?  ansible-playbook -i inventory mit_test.yml --limit DB2TST_N1.vdatacenter.it.ru -vvv             ✔  5779  16:38:13
ansible-playbook 2.6.1
  config file = /Users/diioc/devops/git-devservice/ops/roles/aix_db2/tests/qa/qa1/ansible.cfg
  configured module search path = [u'/Users/diioc/devops/git-devservice/ops/library']
  ansible python module location = /usr/local/lib/python2.7/site-packages/ansible
  executable location = /usr/local/bin/ansible-playbook
  python version = 2.7.15 (default, Jun 17 2018, 12:46:58) [GCC 4.2.1 Compatible Apple LLVM 9.1.0 (clang-902.0.39.2)]
Using /Users/diioc/devops/git-devservice/ops/roles/aix_db2/tests/qa/qa1/ansible.cfg as config file
Parsed /Users/diioc/devops/git-devservice/ops/roles/aix_db2/tests/qa/qa1/inventory inventory source with ini plugin

PLAYBOOK: mit_test.yml *********************************************************************************************************************************************************************************************
1 plays in mit_test.yml

PLAY [db2] *********************************************************************************************************************************************************************************************************
[pid 29367] 16:38:18.794005 D mitogen: mitogen.service.Pool(0x1084c5490, size=16, th='MainThread'): initialized
[pid 29367] 16:38:18.796613 D ansible_mitogen.process: Service pool configured: size=16
META: ran handlers

TASK [command] *****************************************************************************************************************************************************************************************************
task path: /Users/diioc/devops/git-devservice/ops/roles/aix_db2/tests/qa/qa1/mit_test.yml:9
[pid 29368] 16:38:18.844937 D mitogen: unix.connect(path='/var/folders/pf/rc9rjb7x2_1d3r_73cq5l0w80000gn/T/mitogen_unix_WfFA6J')
[pid 29368] 16:38:18.847419 D mitogen: unix.connect(): local ID is 1, remote is 0
[pid 29367] 16:38:18.847457 D mitogen: register(Context(1, None), mitogen.core.Stream(u'unix_client.29368'))
[pid 29368] 16:38:18.848690 D mitogen: register(Context(0, None), mitogen.core.Stream(u'unix_listener.29367'))
[pid 29368] 16:38:18.850418 D mitogen: Context(0, None).call_service_async(u'ansible_mitogen.services.ContextService', u'get', {'stack': [{u'method': u'ssh', u'kwargs': {u'username': u'asolynin', u'check_host_keys': u'enforce', u'ssh_debug_level': None, u'hostname': u'172.28.111.28', u'identities_only': False, u'identity_file': None, u'connect_timeout': 10, u'python_path': [u'/usr/bin/python'], u'ssh_path': u'ssh', u'password': None, u'port': None, u'ssh_args': [u'-C', u'-o', u'ControlMaster=auto', u'-o', u'ControlPersist=60s']}}, {u'enable_lru': True, u'method': u'su', u'kwargs': {u'username': u'db2inst1', u'su_path': None, u'password': [secret], u'python_path': [u'/usr/bin/python'], u'connect_timeout': 10}}]})
[pid 29368] 16:38:18.851606 D mitogen: Context(0, None).send_async(Message(0, 1, 1, 110, 1000, "\x80\x02X'\x00\x00\x00ansible_mitogen.services.ContextServiceq\x01X\x03"..746))
[pid 29367] 16:38:18.855333 D mitogen: mitogen.ssh.Stream(u'default').connect()
[pid 29367] 16:38:19.004049 D mitogen: create_child() child 29369 fd 95, parent 29367, cmd: ssh -o "LogLevel ERROR" -l asolynin -o "Compression yes" -o "ServerAliveInterval 15" -o "ServerAliveCountMax 3" -o "BatchMode yes" -o "StrictHostKeyChecking yes" -C -o ControlMaster=auto -o ControlPersist=60s 172.28.111.28 /usr/bin/python -c "'import codecs,os,sys;_=codecs.decode;exec(_(_(\"eNqFkVFLwzAUhZ/XX9G3JCxuyQYOCwFlD+KDCEXcwxySNqkGsySk3er89d51wtr54Nv9uOfmHE5yuhK+ngQTNCZJpG2PTJUCVD5+YpIlI5jVLswwo5wxcuac9inClp+4tL7WOO9D7MOqDy0AGNYHsLeyAddtKkSKlIytcSiVTnVL/aXLXSMLq7v1dFfHaWHcNByaD+8Q5BxdyMaiO9zrWBvv1tl809lqtzcRGN3l9y8MbcTw7KQBtHi4oEMcI7w1jX/XLlPG+PJW1t4enHFXZivLifWltNnsZn69IIgk8GYbTaMxp+jx4fmJMfbqEGQpvYLKSbIUb/hYuvJBO6gaxQKRSdRSYT5bcE4o+jYBXqqCOOtWFLUFOv5DFX4Nlt186vZC3f6n/puSD1L+AEzCsg0=\".encode(),\"base64\"),\"zip\"))'"
[pid 29367] 16:38:19.007041 D mitogen: mitogen.ssh.Stream(u'local.29369').connect(): child process stdin/stdout=95
[pid 29367] 16:38:19.247990 D mitogen: mitogen.ssh.Stream(u'local.29369'): received 'MITO000\n'
[pid 29367] 16:38:19.249087 D mitogen: mitogen.ssh.Stream(u'local.29369')._ec0_received()
[pid 29367] 16:38:19.447197 D mitogen: register(Context(2, u'ssh.172.28.111.28'), mitogen.ssh.Stream(u'ssh.172.28.111.28'))
[pid 29367] 16:38:19.449319 D mitogen: CallChain(Context(2, u'ssh.172.28.111.28')).call_async(): ansible_mitogen.target.init_child(candidate_temp_dirs=[u'/tmp/.ansible-${USER}/tmp', u'/var/tmp', u'/tmp'], log_level=10)
[pid 29367] 16:38:19.450753 D mitogen: Context(2, u'ssh.172.28.111.28').send_async(Message(2, 0, 0, 101, 1000, '\x80\x02(NX\x16\x00\x00\x00ansible_mitogen.targetNX\n\x00\x00\x00init_child)cm'..185))
[pid 29367] 16:38:19.456890 D mitogen: _build_tuple('/usr/local/lib/python2.7/site-packages/ansible/__init__.py', u'ansible') -> [u'cli', u'compat', u'config', u'constants', u'errors', u'executor', u'galaxy', u'inventory', u'module_utils', u'modules', u'parsing', u'playbook', u'plugins', u'release', u'template', u'utils', u'vars']
[pid 29367] 16:38:19.459068 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.release')
[pid 29367] 16:38:19.460177 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible')
[pid 29367] 16:38:19.465459 D mitogen: _build_tuple('/usr/local/lib/python2.7/site-packages/ansible/module_utils/__init__.py', u'ansible.module_utils') -> [u'_text', u'acme', u'ansible_release', u'ansible_tower', u'api', u'aws', u'azure_rm_common', u'azure_rm_common_rest', u'basic', u'cloud', u'cloudscale', u'cloudstack', u'common', u'connection', u'crypto', u'database', u'digital_ocean', u'dimensiondata', u'docker_common', u'ec2', u'exoscale', u'f5_utils', u'facts', u'firewalld', u'gcdns', u'gce', u'gcp', u'gcp_utils', u'gitlab', u'heroku', u'infinibox', u'influxdb', u'ipa', u'ismount', u'json_utils', u'k8s', u'keycloak', u'known_hosts', u'ldap', u'lxd', u'manageiq', u'memset', u'mysql', u'net_tools', u'netapp', u'network', u'oneandone', u'oneview', u'opennebula', u'openstack', u'ovirt', u'parsing', u'postgres', u'powershell', u'pure', u'pycompat24', u'rax', u'redhat', u'remote_management', u'scaleway', u'service', u'six', u'splitter', u'univention_umc', u'urls', u'vca', u'vmware', u'vmware_rest_client', u'vultr']
[pid 29367] 16:38:19.466867 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.module_utils')
[pid 29367] 16:38:19.524352 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.module_utils._text')
[pid 29367] 16:38:19.525836 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.module_utils.parsing')
[pid 29367] 16:38:19.526782 D mitogen: _build_tuple('/usr/local/lib/python2.7/site-packages/ansible/module_utils/parsing/__init__.py', u'ansible.module_utils.parsing') -> [u'convert_bool']
[pid 29367] 16:38:19.527643 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.module_utils.parsing.convert_bool')
[pid 29367] 16:38:19.528585 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.module_utils.pycompat24')
[pid 29367] 16:38:19.529559 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.module_utils.six')
[pid 29367] 16:38:19.530485 D mitogen: _build_tuple('/usr/local/lib/python2.7/site-packages/ansible/module_utils/six/__init__.py', u'ansible.module_utils.six') -> []
[pid 29367] 16:38:19.533452 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.module_utils.basic')
[pid 29367] 16:38:19.535676 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible.module_utils.json_utils')
[pid 29367] 16:38:19.538005 D mitogen: _build_tuple('/Users/diioc/devops/git-devservice/ops/strategy_plugins/mitogen-0.2.3/ansible_mitogen/__init__.py', u'ansible_mitogen') -> [u'connection', u'loaders', u'logging', u'mixins', u'module_finder', u'parsing', u'planner', u'plugins', u'process', u'runner', u'services', u'strategy', u'target']
[pid 29367] 16:38:19.538893 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible_mitogen')
[pid 29367] 16:38:19.592717 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible_mitogen.target')
[pid 29367] 16:38:19.595642 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'mitogen.compat')
[pid 29367] 16:38:19.596792 D mitogen: _build_tuple('/Users/diioc/devops/git-devservice/ops/strategy_plugins/mitogen-0.2.3/mitogen/compat/__init__.py', u'mitogen.compat') -> [u'functools', u'pkgutil', u'tokenize']
[pid 29367] 16:38:19.597749 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'mitogen.compat.functools')
[pid 29367] 16:38:19.599592 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'mitogen.fork')
[pid 29367] 16:38:19.601038 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'mitogen.parent')
[pid 29367] 16:38:19.610954 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'mitogen.select')
[pid 29367] 16:38:19.612031 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'mitogen.service')
[pid 29367] 16:38:19.616250 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'ansible_mitogen.runner')
[pid 29367] 16:38:19.618429 D mitogen: _build_tuple('/Users/diioc/devops/git-devservice/ops/strategy_plugins/mitogen-0.2.3/mitogen/__init__.py', u'mitogen') -> [u'compat', u'core', u'debug', u'doas', u'docker', u'fakessh', u'fork', u'jail', u'kubectl', u'lxc', u'lxd', u'master', u'minify', u'parent', u'select', u'service', u'setns', u'ssh', u'su', u'sudo', u'unix', u'utils']
[pid 29367] 16:38:19.690422 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'encodings.utf_8' is submodule of a package we did not load
[pid 29367] 16:38:19.691384 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'encodings.ascii' is submodule of a package we did not load
[pid 29367] 16:38:19.692121 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'json.decoder' is submodule of a package we did not load
[pid 29367] 16:38:19.692906 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'json.re' is submodule of a package we did not load
[pid 29367] 16:38:19.693813 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'json.sys' is submodule of a package we did not load
[pid 29367] 16:38:19.694599 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'json.struct' is submodule of a package we did not load
[pid 29367] 16:38:19.695386 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'json.json' is submodule of a package we did not load
[pid 29367] 16:38:19.696171 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'json.scanner' is submodule of a package we did not load
[pid 29367] 16:38:19.696933 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'json._json' is submodule of a package we did not load
[pid 29367] 16:38:19.697693 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'encodings.hex_codec' is submodule of a package we did not load
[pid 29367] 16:38:19.698453 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'encodings.binascii' is submodule of a package we did not load
[pid 29367] 16:38:19.699283 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'json.encoder' is submodule of a package we did not load
[pid 29367] 16:38:19.787327 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.logging'
[pid 29367] 16:38:19.788288 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.os'
[pid 29367] 16:38:19.789100 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.random'
[pid 29367] 16:38:19.789902 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.sys'
[pid 29367] 16:38:19.790668 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.threading'
[pid 29367] 16:38:19.791438 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.traceback'
[pid 29367] 16:38:19.792200 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.mitogen'
[pid 29367] 16:38:19.792992 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.codecs'
[pid 29367] 16:38:19.793759 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.errno'
[pid 29367] 16:38:19.794529 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.fcntl'
[pid 29367] 16:38:19.795313 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.getpass'
[pid 29367] 16:38:19.798748 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.inspect'
[pid 29367] 16:38:19.860266 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.signal'
[pid 29367] 16:38:19.861169 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.socket'
[pid 29367] 16:38:19.861883 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.subprocess'
[pid 29367] 16:38:19.862712 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.termios'
[pid 29367] 16:38:19.863480 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.textwrap'
[pid 29367] 16:38:19.867165 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.time'
[pid 29367] 16:38:19.867917 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.zlib'
[pid 29367] 16:38:19.868690 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.cStringIO'
[pid 29367] 16:38:19.869461 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.functools'
[pid 29367] 16:38:19.917656 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.compat.threading'
[pid 29367] 16:38:19.918571 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.grp'
[pid 29367] 16:38:19.919347 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.pprint'
[pid 29367] 16:38:19.920207 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.pwd'
[pid 29367] 16:38:19.921189 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'mitogen.stat'
[pid 29367] 16:38:19.928178 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.json'
[pid 29367] 16:38:19.969274 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'ctypes.os' is submodule of a package we did not load
[pid 29367] 16:38:19.970161 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'ctypes.sys' is submodule of a package we did not load
[pid 29367] 16:38:19.970925 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'ctypes._ctypes' is submodule of a package we did not load
[pid 29367] 16:38:19.971689 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'ctypes.struct' is submodule of a package we did not load
[pid 29367] 16:38:19.972451 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'ctypes.ctypes' is submodule of a package we did not load
[pid 29367] 16:38:19.973229 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'ctypes._endian' is submodule of a package we did not load
[pid 29367] 16:38:20.110301 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.atexit'
[pid 29367] 16:38:20.111213 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.locale'
[pid 29367] 16:38:20.111977 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.os'
[pid 29367] 16:38:20.112685 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.re'
[pid 29367] 16:38:20.113430 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.shlex'
[pid 29367] 16:38:20.114195 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.subprocess'
[pid 29367] 16:38:20.117765 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.sys'
[pid 29367] 16:38:20.118752 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.types'
[pid 29367] 16:38:20.119578 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.time'
[pid 29367] 16:38:20.120350 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.select'
[pid 29367] 16:38:20.121115 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.shutil'
[pid 29367] 16:38:20.157602 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.stat'
[pid 29367] 16:38:20.158572 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.tempfile'
[pid 29367] 16:38:20.159376 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.traceback'
[pid 29367] 16:38:20.160142 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.grp'
[pid 29367] 16:38:20.160937 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.pwd'
[pid 29367] 16:38:20.161697 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.platform'
[pid 29367] 16:38:20.162455 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.errno'
[pid 29367] 16:38:20.163212 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.datetime'
[pid 29367] 16:38:20.164005 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.collections'
[pid 29367] 16:38:20.164767 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.itertools'
[pid 29367] 16:38:20.165523 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.syslog'
[pid 29367] 16:38:20.166279 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.systemd'
[pid 29367] 16:38:20.167034 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.selinux'
[pid 29367] 16:38:20.167911 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.hashlib'
[pid 29367] 16:38:20.168701 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.ansible'
[pid 29367] 16:38:20.169494 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.ast'
[pid 29367] 16:38:20.209678 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.six.moves'
[pid 29367] 16:38:20.210585 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.codecs'
[pid 29367] 16:38:20.219152 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): master doesn't know 'ansible.module_utils.parsing.ansible'
[pid 29367] 16:38:20.230421 D mitogen.ctx.ssh.172.28.111.28: ansible_mitogen.runner: EnvironmentFileWatcher(u'/home/asolynin/.pam_environment') installed; existing keys: []
[pid 29367] 16:38:20.231176 D mitogen.ctx.ssh.172.28.111.28: ansible_mitogen.runner: EnvironmentFileWatcher(u'/etc/environment') installed; existing keys: [u'PATH', u'TZ', u'LANG', u'LOCPATH', u'NLSPATH', u'LC__FASTMSG', u'ODMDIR', u'CLCMD_PASSTHRU', u'CLUSTER_OVERRIDE']
[pid 29367] 16:38:20.231903 D mitogen.ctx.ssh.172.28.111.28: mitogen: replaced Poller(0x3024a828) with Poller(0x302b6038) (new: 4 readers, 1 writers; old: 4 readers, 1 writers)
[pid 29367] 16:38:20.232644 D mitogen.ctx.ssh.172.28.111.28: mitogen: Router(Broker(0x30248888)).upgrade()
[pid 29367] 16:38:20.233354 D mitogen: IdAllocator(Router(Broker(0x108497c50))): allocating [3..1003)
[pid 29367] 16:38:20.234062 D mitogen: IdAllocator(Router(Broker(0x108497c50))): allocating [3..1003) to Context(2, u'ssh.172.28.111.28')
[pid 29367] 16:38:20.269679 D mitogen.ctx.ssh.172.28.111.28: mitogen: mitogen.fork.Stream(u'default').connect()
[pid 29367] 16:38:20.270621 D mitogen.ctx.ssh.172.28.111.28: mitogen: mitogen.fork.Stream(u'fork.13500562').connect(): child process stdin/stdout=14
[pid 29367] 16:38:20.271369 D mitogen: Adding route to 3 via mitogen.ssh.Stream(u'ssh.172.28.111.28')
[pid 29367] 16:38:20.272134 D mitogen: Router(Broker(0x108497c50)).add_route(3, mitogen.ssh.Stream(u'ssh.172.28.111.28'))
[pid 29367] 16:38:20.272936 D mitogen.ctx.fork.13500562: mitogen: register(Context(2, 'parent'), mitogen.core.Stream('parent'))
[pid 29367] 16:38:20.273704 D mitogen.ctx.fork.13500562: mitogen: Connected to Context(2, 'parent'); my ID is 3, PID is 13500562
[pid 29367] 16:38:20.274468 D mitogen.ctx.fork.13500562: mitogen: Recovered sys.executable: '/usr/bin/python'
[pid 29367] 16:38:20.275267 D mitogen.ctx.ssh.172.28.111.28: ansible_mitogen.target: Selected temp directory: u'/tmp/.ansible-asolynin/tmp' (from [u'/tmp/.ansible-asolynin/tmp', u'/var/tmp', u'/tmp', '/tmp', '/var/tmp', '/usr/tmp', '/home/asolynin'])
[pid 29367] 16:38:20.276733 D mitogen: CallChain(Context(2, u'ssh.172.28.111.28')).call_async(): mitogen.parent._proxy_connect(method_name=u'su', name=None, kwargs=Kwargs({u'username': u'db2inst1', u'profiling': False, u'python_path': [u'/usr/bin/python'], 'unidirectional': True, u'debug': False, u'su_path': None, u'password': [secret], u'connect_timeout': 10}))
[pid 29367] 16:38:20.277654 D mitogen: Context(2, u'ssh.172.28.111.28').send_async(Message(2, 0, 0, 101, 1001, '\x80\x02(NX\x0e\x00\x00\x00mitogen.parentNX\x0e\x00\x00\x00_proxy_connect)cmitog'..351))
[pid 29367] 16:38:20.280148 D mitogen: ModuleResponder(Router(Broker(0x108497c50)))._on_get_module('mitogen.su')
[pid 29367] 16:38:20.282571 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.172.28.111.28'), u'mitogen.su')
[pid 29367] 16:38:20.289789 D mitogen.ctx.ssh.172.28.111.28: mitogen: mitogen.su.Stream(u'default').connect()
[pid 29367] 16:38:20.330338 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'encodings.base64_codec' is submodule of a package we did not load
[pid 29367] 16:38:20.339549 D mitogen.ctx.ssh.172.28.111.28: mitogen: Importer(): 'encodings.base64' is submodule of a package we did not load
[pid 29367] 16:38:20.357028 D mitogen.ctx.ssh.172.28.111.28: mitogen: tty_create_child() child 12779616 fd 16, parent 5242942, cmd: su db2inst1 -c "/usr/bin/python -c \"import codecs,os,sys;_=codecs.decode;exec(_(_(\\\"eNqFkVFLwzAUhZ/XX9G3JCx0bTcRCwF1gvigQh3uQcdI21SDXRLSdHX++t11wtr54Fs+zrk5h3tTumS6Dow0AhPP0rZHsvQBSm2/MEm8EbyLxsQ4pFEYkhOntE8W1OjIeaVrgdM+2D4s+9ACQGC9g/iKO0jd+Iz5qOC2lQr5XBWdKL5F3jieVaKTJ01tJ5lUE7Nzn1oh6Dk6s41ZN7gVtpZavSXTVRcr1FZaYHST3r+GaMWGY0cPYIWHAh3iGOGNdPpDqITXutopqa7vbuPFy2L9FAXbgjueC+WEDaQLbJNcxLP4ahYTRDwIaK10AkcUPT4snsMwfFcIiuW6gP0Tb87W+HCBQhuhYO/IZogEVvACR/HldEYo+pEGfioNO/mWFLUZOhylNL8B8+59XPSZu/3P/bdlNGi5B18ktds=\\\".encode(),\\\"base64\\\"),\\\"zip\\\"))\""
[pid 29367] 16:38:20.357927 D mitogen.ctx.ssh.172.28.111.28: mitogen: mitogen.su.Stream(u'local.12779616').connect(): child process stdin/stdout=16
[pid 29367] 16:38:20.368208 D mitogen.ctx.ssh.172.28.111.28: mitogen.su: mitogen.su.Stream(u'local.12779616'): received '3004-501 Cannot su to "db2inst1"'
[pid 29367] 16:38:20.369070 D mitogen.ctx.ssh.172.28.111.28: mitogen.su: mitogen.su.Stream(u'local.12779616'): received ' : Authentication is denied.\n'
[pid 29367] 16:38:20.369858 D mitogen.ctx.ssh.172.28.111.28: mitogen: mitogen.su.Stream(u'local.12779616'): PID 12779616 exited with return code 113
[pid 29368] 16:38:20.372077 D mitogen: Broker(0x108504490).shutdown()
[pid 29368] 16:38:20.373170 D mitogen: mitogen.core.Stream(u'unix_listener.29367').on_disconnect()
[pid 29368] 16:38:20.374266 D mitogen: Context(0, None).on_disconnect()
[pid 29367] 16:38:20.374087 D mitogen: mitogen.core.Stream(u'unix_client.29368').on_disconnect()
[pid 29368] 16:38:20.375187 D mitogen: Waker(Broker(0x108504490) rfd=46, wfd=47).on_shutdown()
[pid 29367] 16:38:20.375382 D mitogen: Context(1, None).on_disconnect()
[pid 29368] 16:38:20.376092 D mitogen: Waker(Broker(0x108504490) rfd=46, wfd=47).on_disconnect()```

The text was updated successfully, but these errors were encountered:

dw · 2019-02-08T16:23:09Z

This looks like it should be a simple fix -- however I am worried about AIX target :) None of this code is tested on AIX

dw · 2019-02-08T16:32:30Z

I notice some issues:

Your "become_flags" is being ignored. It should somehow be present in the line beginning "mitogen: tty_create_child()"
it appears su is complaining immediately that it will not allow authentication. Mitogen is never given a password prompt to enter the password

If you log into the system, does cutpasting that command line produce a password prompt? su db2inst1 -c "/usr/bin/python -c \"print 123\""

If it does not, is it possible to check the system log? AIX is rejecting the authentication for some reason -- it will not even ask for a password. This suggests something about Mitogen's process environment is incorrect, and as a result, something like PAM is refusing to do business

dw · 2019-02-08T16:32:57Z

It is possible your missing 'become_flags' is causing the problem, but at least for now I doubt it.

dw · 2019-02-08T16:37:14Z

From googling "authentication is denied", it may relate to AIX RBAC authentication

* origin/dmw: tests: add new compression parameter to mitogen_get_stack results tests: disable affinity_test on Travis :/ issue #508: fix responder stats test due to new smaller parent.py. issue #508: tests: skip minify_test Py2.4/2.5 for profiler.py. tests: fix fallout from 36fb318 issue #520: add AIX auth failure string to su. tests: move affinity_test to Ansible tests. core: cProfile is not available in 2.4. issue #505: docs: add new detail graph for one scenario. docs: update and re-record profile graphs in docs; closes #505 service: fix PushFileService exception tests: pad out localhost-* service: start pool shutdown on broker shutdown. master: .encode() needed for Py3. ansible: stash PID files in CWD if requested for debugging. issue #508: master: minify_safe_re must be bytes for Py3. bench: tidy up and cpu-pin some more files. tests: add localhost-x100 ansible: double the default pool size. ansible: raise error with correct exception type. issue #508: master: minify all Mitogen/ansible_mitogen sources. parent: PartialZlib docstrings. ansible: hacky parser to alow bools to be specified on command line parent: pre-cache bootstrap if possible. docs: update Changelog. ansible: add mitogen_ssh_compression variable. service: PushFileService never recorded a file as sent. parent: synchronize get_core_source() service: use correct profile aggregation name. SyntaxError. ansible: don't pin controller if <4 cores. tests: make soak testing work reliably on vanilla. docs: changelog tidyups. ansible: document and make affinity stuff portable to non-Linux ansible: fix affinity.py test failure on 2 cores. ansible: preheat PluginLoader caches before fork. tests: make mitogen_shutdown_all be run_once by default. docs: update Changelog. ansible: use Poller for WorkerProcess; closes #491. ansible: new multiplexer/workers configuration docs: update Changelog. docs: update Changelog. ansible: pin connection multiplexer to a single core utils: pad out reset_affinity() and integrate with detach_popen() utils: import reset_affinity() function. master: set Router.profiling if MITOGEN_PROFILING variable present. parent: don't kill children when profiling is active. ansible: hook strategy and worker processes into profiler profiler: import from linear2 branch core: tidy up existing profiling code and support MITOGEN_PROFILE_FMT issue #260: redundant if statement. ansible: ensure MuxProcess MITOGEN_PROFILING results reach disk. ansible/bench: make end= configurable. master: cache sent/forwarded module names

* origin/master: (661 commits) Bump version for release. docs: update Changelog; closes #481 issue #481: core: preserve stderr TTY FD if one is present. issue #481: avoid crash if disconnect occurs during forward_modules() Add a few more important modules to preamble_size.py. .ci: add verbiage for run_batches() too. .ci: add README.md. docs: update thanks docs: lose "approaching stability" language, we're pretty good now docs: fix changelog syntax/order/"20KB" tests: add new compression parameter to mitogen_get_stack results tests: disable affinity_test on Travis :/ issue #508: fix responder stats test due to new smaller parent.py. issue #508: tests: skip minify_test Py2.4/2.5 for profiler.py. tests: fix fallout from 36fb318 issue #520: add AIX auth failure string to su. tests: move affinity_test to Ansible tests. core: cProfile is not available in 2.4. issue #505: docs: add new detail graph for one scenario. docs: update and re-record profile graphs in docs; closes #505 service: fix PushFileService exception tests: pad out localhost-* service: start pool shutdown on broker shutdown. master: .encode() needed for Py3. ansible: stash PID files in CWD if requested for debugging. issue #508: master: minify_safe_re must be bytes for Py3. bench: tidy up and cpu-pin some more files. tests: add localhost-x100 ansible: double the default pool size. ansible: raise error with correct exception type. issue #508: master: minify all Mitogen/ansible_mitogen sources. parent: PartialZlib docstrings. ansible: hacky parser to alow bools to be specified on command line parent: pre-cache bootstrap if possible. docs: update Changelog. ansible: add mitogen_ssh_compression variable. service: PushFileService never recorded a file as sent. parent: synchronize get_core_source() service: use correct profile aggregation name. SyntaxError. ansible: don't pin controller if <4 cores. tests: make soak testing work reliably on vanilla. docs: changelog tidyups. ansible: document and make affinity stuff portable to non-Linux ansible: fix affinity.py test failure on 2 cores. ansible: preheat PluginLoader caches before fork. tests: make mitogen_shutdown_all be run_once by default. docs: update Changelog. ansible: use Poller for WorkerProcess; closes #491. ansible: new multiplexer/workers configuration docs: update Changelog. docs: update Changelog. ansible: pin connection multiplexer to a single core utils: pad out reset_affinity() and integrate with detach_popen() utils: import reset_affinity() function. master: set Router.profiling if MITOGEN_PROFILING variable present. parent: don't kill children when profiling is active. ansible: hook strategy and worker processes into profiler profiler: import from linear2 branch core: tidy up existing profiling code and support MITOGEN_PROFILE_FMT issue #260: redundant if statement. ansible: ensure MuxProcess MITOGEN_PROFILING results reach disk. ansible/bench: make end= configurable. master: cache sent/forwarded module names Aggregate code coverage data across tox all runs Allow independant control of coverage erase and reporting Fix incorrect attempt to use coverage docs: update Changelog; closes #527. issue #527: catch new-style module tracebacks like vanilla. Fix DeprecationWarning in mitogen.utils.run_with_router() Generate coverage report even if some tests fail ci: fix incorrect partition/rpartition from 8a4caea issue #260: hide force-disconnect messages. issue #498: fix shutdown crash issue #260: avoid start_transmit()/on_transmit()/stop_transmit() core: ensure broker profiling output reaches disk master: keep is_stdlib_path() result as negative cache entry ci: Allow DISTROS="debian*32" variable, and KEEP=1 Use develop mode in tox issue #429: fix sudo regression. misc: rename to scripts. tab completion!! core: Latch._wake improvements issue #498: prevent crash on double 'disconnect' signal. issue #413: don't double-propagate DEL_ROUTE to parent. issue #498: wrap Router dict mutations in a lock issue #429: enable en_US locale to unbreak debops test. issue #499: fix another mind-numbingly stupid vanilla inconsistency issue #497: do our best to cope with crap upstream code ssh: fix test to match updated log format. issue #429: update Changelog. issue #429: update Changelog. issue #429: teach sudo about every know i18n password string. issue #429: install i18n-related bits in test images. ssh: tidy up logs and stream names. tests: ensure file is closed in connection_test. gcloud: small updates tests: give ansible/gcloud/ its own requirements file. issue #499: another totally moronic implementation difference issue #499: disable new test on vanilla. docs: update Changelog; closes #499. ...

* origin/v024: (662 commits) docs: update Changelog release date. Bump version for release. docs: update Changelog; closes #481 issue #481: core: preserve stderr TTY FD if one is present. issue #481: avoid crash if disconnect occurs during forward_modules() Add a few more important modules to preamble_size.py. .ci: add verbiage for run_batches() too. .ci: add README.md. docs: update thanks docs: lose "approaching stability" language, we're pretty good now docs: fix changelog syntax/order/"20KB" tests: add new compression parameter to mitogen_get_stack results tests: disable affinity_test on Travis :/ issue #508: fix responder stats test due to new smaller parent.py. issue #508: tests: skip minify_test Py2.4/2.5 for profiler.py. tests: fix fallout from 36fb318 issue #520: add AIX auth failure string to su. tests: move affinity_test to Ansible tests. core: cProfile is not available in 2.4. issue #505: docs: add new detail graph for one scenario. docs: update and re-record profile graphs in docs; closes #505 service: fix PushFileService exception tests: pad out localhost-* service: start pool shutdown on broker shutdown. master: .encode() needed for Py3. ansible: stash PID files in CWD if requested for debugging. issue #508: master: minify_safe_re must be bytes for Py3. bench: tidy up and cpu-pin some more files. tests: add localhost-x100 ansible: double the default pool size. ansible: raise error with correct exception type. issue #508: master: minify all Mitogen/ansible_mitogen sources. parent: PartialZlib docstrings. ansible: hacky parser to alow bools to be specified on command line parent: pre-cache bootstrap if possible. docs: update Changelog. ansible: add mitogen_ssh_compression variable. service: PushFileService never recorded a file as sent. parent: synchronize get_core_source() service: use correct profile aggregation name. SyntaxError. ansible: don't pin controller if <4 cores. tests: make soak testing work reliably on vanilla. docs: changelog tidyups. ansible: document and make affinity stuff portable to non-Linux ansible: fix affinity.py test failure on 2 cores. ansible: preheat PluginLoader caches before fork. tests: make mitogen_shutdown_all be run_once by default. docs: update Changelog. ansible: use Poller for WorkerProcess; closes #491. ansible: new multiplexer/workers configuration docs: update Changelog. docs: update Changelog. ansible: pin connection multiplexer to a single core utils: pad out reset_affinity() and integrate with detach_popen() utils: import reset_affinity() function. master: set Router.profiling if MITOGEN_PROFILING variable present. parent: don't kill children when profiling is active. ansible: hook strategy and worker processes into profiler profiler: import from linear2 branch core: tidy up existing profiling code and support MITOGEN_PROFILE_FMT issue #260: redundant if statement. ansible: ensure MuxProcess MITOGEN_PROFILING results reach disk. ansible/bench: make end= configurable. master: cache sent/forwarded module names Aggregate code coverage data across tox all runs Allow independant control of coverage erase and reporting Fix incorrect attempt to use coverage docs: update Changelog; closes #527. issue #527: catch new-style module tracebacks like vanilla. Fix DeprecationWarning in mitogen.utils.run_with_router() Generate coverage report even if some tests fail ci: fix incorrect partition/rpartition from 8a4caea issue #260: hide force-disconnect messages. issue #498: fix shutdown crash issue #260: avoid start_transmit()/on_transmit()/stop_transmit() core: ensure broker profiling output reaches disk master: keep is_stdlib_path() result as negative cache entry ci: Allow DISTROS="debian*32" variable, and KEEP=1 Use develop mode in tox issue #429: fix sudo regression. misc: rename to scripts. tab completion!! core: Latch._wake improvements issue #498: prevent crash on double 'disconnect' signal. issue #413: don't double-propagate DEL_ROUTE to parent. issue #498: wrap Router dict mutations in a lock issue #429: enable en_US locale to unbreak debops test. issue #499: fix another mind-numbingly stupid vanilla inconsistency issue #497: do our best to cope with crap upstream code ssh: fix test to match updated log format. issue #429: update Changelog. issue #429: update Changelog. issue #429: teach sudo about every know i18n password string. issue #429: install i18n-related bits in test images. ssh: tidy up logs and stream names. tests: ensure file is closed in connection_test. gcloud: small updates tests: give ansible/gcloud/ its own requirements file. issue #499: another totally moronic implementation difference issue #499: disable new test on vanilla. ...

diioc · 2019-02-11T09:16:54Z

I tried to execute su db2inst1 -c "/usr/bin/python -c \"print 123\"" in multiple different ways:

as root => dont't prompt for a pass
as non-root => prompts for a pass
as non-root with sudo sudo su db2inst1 -c "/usr/bin/python -c \"print 123\"" => prompts for a sudo pass

I'll try to reproduce it on rhel7

dw · 2019-02-11T14:00:25Z

If it works when you are logged in interactively, then it must be some problem with how Mitogen creates processes or TTYs, or perhaps because Mitogen launches a non-interactive SSH session, it does not receive some important privilege.

I'm afraid I do not know enough about AIX to understand this issue :) Do you know of an expert within your organization that would understand deeper security issues? I am fairly sure this is some strange security restriction AIX has, and to make things work, we must meet those restriction.

diioc · 2019-02-12T14:43:55Z

Hi man! Guess what?) I reproduced the issue on rhel7. It has a different output in same situation but I can fix it by the same way to replace 'become: yes' statement.
It don't work

It works fine

Logs from node
mitogen.13780.20190212_172029.log
mitogen.13771.20190212_172028.log

And output from host:

ansible-playbook mit_test.yml -i inventory -vvv --limit node01
ansible-playbook 2.6.1
  config file = /Users/diioc/devops/vagrant/rhel-db2/provisioning/ansible.cfg
  configured module search path = [u'/Users/diioc/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python2.7/site-packages/ansible
  executable location = /usr/local/bin/ansible-playbook
  python version = 2.7.15 (default, Jun 17 2018, 12:46:58) [GCC 4.2.1 Compatible Apple LLVM 9.1.0 (clang-902.0.39.2)]
Using /Users/diioc/devops/vagrant/rhel-db2/provisioning/ansible.cfg as config file
Parsed /Users/diioc/devops/vagrant/rhel-db2/provisioning/inventory inventory source with ini plugin

PLAYBOOK: mit_test.yml **********************************************************************************
1 plays in mit_test.yml

PLAY [node] *********************************************************************************************
[pid 53505] 17:20:25.865219 D mitogen: mitogen.service.Pool(0x1119483d0, size=16, th='MainThread'): initialized
[pid 53505] 17:20:25.870836 D ansible_mitogen.process: Service pool configured: size=16
META: ran handlers

TASK [command] ******************************************************************************************
task path: /Users/diioc/devops/vagrant/rhel-db2/provisioning/mit_test.yml:10
[pid 53506] 17:20:25.916618 D mitogen: unix.connect(path='/var/folders/pf/rc9rjb7x2_1d3r_73cq5l0w80000gn/T/mitogen_unix_wPEhwd')
[pid 53506] 17:20:25.918792 D mitogen: unix.connect(): local ID is 1, remote is 0
[pid 53505] 17:20:25.918860 D mitogen: register(Context(1, None), mitogen.core.Stream(u'unix_client.53506'))
[pid 53505] 17:20:25.928756 D mitogen: mitogen.ssh.Stream(u'default').connect()
[pid 53505] 17:20:26.096152 D mitogen: create_child() child 53507 fd 95, parent 53505, cmd: ssh -o "LogLevel ERROR" -l vagrant -o "Compression yes" -o "ServerAliveInterval 15" -o "ServerAliveCountMax 3" -o "BatchMode yes" -o "StrictHostKeyChecking yes" -C -o ControlMaster=auto -o ControlPersist=60s 192.168.33.12 /usr/bin/python -c "'import codecs,os,sys;_=codecs.decode;exec(_(_(\"eNqFkVFLwzAUhZ/XX9G3JCxuycYQCgFlD+KDCEXsgw5Jm1SDWRLSbnX+eu86Ye188O1+3HNzDic5LYRvZsEEjUkSaTcgU6cAtY+fmGTJBGa1CwvMKGeMnDmnQ4qw5SeurG80zocQh1AMoQMAw+YA9la24LpNhUiRkrEzDqXSqX6pv3S1a2Vpdb+e75o4L42bh0P74R2CnJML2VT0h3sdG+PdS7bc9Lba7U0ERrf53TNDGzE+O2kALR4v6BinCG9N69+1y5QxvrqRjbcHZ9yV2cpqZn0lbbZartiKIJLAm100rcacoof7p0fG2KtDkKXyCionyVq84WPpygftoGoUS0RmUUuF+eKac0LRtwnwUh3EWVdQ1JXo+A91+DVY9/Op2wt195/6b0o+SvkDRZeyBA==\".encode(),\"base64\"),\"zip\"))'"
[pid 53505] 17:20:26.098825 D mitogen: mitogen.ssh.Stream(u'local.53507').connect(): child process stdin/stdout=95
[pid 53505] 17:20:26.508275 D mitogen: mitogen.ssh.Stream(u'local.53507'): received 'MITO000\n'
[pid 53505] 17:20:26.509444 D mitogen: mitogen.ssh.Stream(u'local.53507')._ec0_received()
[pid 53505] 17:20:26.525306 D mitogen: register(Context(2, u'ssh.192.168.33.12'), mitogen.ssh.Stream(u'ssh.192.168.33.12'))
[pid 53505] 17:20:26.530016 D mitogen: CallChain(Context(2, u'ssh.192.168.33.12')).call_async(): ansible_mitogen.target.init_child(candidate_temp_dirs=[u'/tmp/.ansible-${USER}/tmp', u'/var/tmp', u'/tmp'], log_level=10)
[pid 53505] 17:20:26.531752 D mitogen: Context(2, u'ssh.192.168.33.12').send_async(Message(2, 0, 0, 101, 1000, '\x80\x02(NX\x16\x00\x00\x00ansible_mitogen.targetNX\n\x00\x00\x00init_child)cm'..185))
[pid 53505] 17:20:26.540609 D mitogen: _build_tuple('/usr/local/lib/python2.7/site-packages/ansible/__init__.py', u'ansible') -> [u'cli', u'compat', u'config', u'constants', u'errors', u'executor', u'galaxy', u'inventory', u'module_utils', u'modules', u'parsing', u'playbook', u'plugins', u'release', u'template', u'utils', u'vars']
[pid 53505] 17:20:26.542824 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.192.168.33.12'), u'ansible.release')
[pid 53505] 17:20:26.544781 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.192.168.33.12'), u'ansible')
[pid 53505] 17:20:26.550907 D mitogen: _build_tuple('/usr/local/lib/python2.7/site-packages/ansible/module_utils/__init__.py', u'ansible.module_utils') -> [u'_text', u'acme', u'ansible_release', u'ansible_tower', u'api', u'aws', u'azure_rm_common', u'azure_rm_common_rest', u'basic', u'cloud', u'cloudscale', u'cloudstack', u'common', u'connection', u'crypto', u'database', u'digital_ocean', u'dimensiondata', u'docker_common', u'ec2', u'exoscale', u'f5_utils', u'facts', u'firewalld', u'gcdns', u'gce', u'gcp', u'gcp_utils', u'gitlab', u'heroku', u'infinibox', u'influxdb', u'ipa', u'ismount', u'json_utils', u'k8s', u'keycloak', u'known_hosts', u'ldap', u'lxd', u'manageiq', u'memset', u'mysql', u'net_tools', u'netapp', u'network', u'oneandone', u'oneview', u'opennebula', u'openstack', u'ovirt', u'parsing', u'postgres', u'powershell', u'pure', u'pycompat24', u'rax', u'redhat', u'remote_management', u'scaleway', u'service', u'six', u'splitter', u'univention_umc', u'urls', u'vca', u'vmware', u'vmware_rest_client', u'vultr']
...
...
Importer().find_module('ansible.module_utils.parsing')
[pid 53505] 17:20:27.499786 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer.load_module(u'ansible.module_utils.parsing')
[pid 53505] 17:20:27.500749 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer().find_module('ansible.module_utils.parsing.convert_bool')
[pid 53505] 17:20:27.501596 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer.load_module(u'ansible.module_utils.parsing.convert_bool')
[pid 53505] 17:20:27.502350 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer().find_module('ansible.module_utils.parsing.ansible')
[pid 53505] 17:20:27.503102 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer(): master doesn't know 'ansible.module_utils.parsing.ansible'
[pid 53505] 17:20:27.503874 D mitogen.ctx.ssh.192.168.33.12: ansible_mitogen.runner: EnvironmentFileWatcher(u'/home/vagrant/.pam_environment') installed; existing keys: []
[pid 53505] 17:20:27.504614 D mitogen.ctx.ssh.192.168.33.12: ansible_mitogen.runner: EnvironmentFileWatcher(u'/etc/environment') installed; existing keys: []
[pid 53505] 17:20:27.505436 D mitogen.ctx.ssh.192.168.33.12: mitogen: replaced Poller(0x7f32066a35d0) with EpollPoller(0x7f31faddf910) (new: 4 readers, 1 writers; old: 4 readers, 1 writers)
[pid 53505] 17:20:27.506212 D mitogen.ctx.ssh.192.168.33.12: mitogen: Router(Broker(0x7f32066a3490)).upgrade()
[pid 53505] 17:20:27.507037 D mitogen: IdAllocator(Router(Broker(0x11191ea90))): allocating [3..1003)
[pid 53505] 17:20:27.507593 D mitogen: IdAllocator(Router(Broker(0x11191ea90))): allocating [3..1003) to Context(2, u'ssh.192.168.33.12')
[pid 53505] 17:20:27.529339 D mitogen.ctx.ssh.192.168.33.12: mitogen: mitogen.fork.Stream(u'default').connect()
[pid 53505] 17:20:27.530358 D mitogen.ctx.ssh.192.168.33.12: mitogen: mitogen.fork.Stream(u'fork.13780').connect(): child process stdin/stdout=17
[pid 53505] 17:20:27.531426 D mitogen: Adding route to 3 via mitogen.ssh.Stream(u'ssh.192.168.33.12')
[pid 53505] 17:20:27.532111 D mitogen: Router(Broker(0x11191ea90)).add_route(3, mitogen.ssh.Stream(u'ssh.192.168.33.12'))
[pid 53505] 17:20:27.533233 D mitogen.ctx.ssh.192.168.33.12: mitogen: register(Context(3, u'fork.13780'), mitogen.fork.Stream(u'fork.13780'))
[pid 53505] 17:20:27.534052 D mitogen.ctx.ssh.192.168.33.12: ansible_mitogen.target: Selected temp directory: u'/tmp/.ansible-vagrant/tmp' (from [u'/tmp/.ansible-vagrant/tmp', u'/var/tmp', u'/tmp', '/tmp', '/var/tmp', '/usr/tmp', '/home/vagrant'])
[pid 53505] 17:20:27.534873 D mitogen.ctx.ssh.192.168.33.12: mitogen: _dispatch_calls: Message(2, 0, 0, 101, 1000, '\x80\x02(NX\x16\x00\x00\x00ansible_mitogen.targetNX\n\x00\x00\x00init_child)cm'..185) -> {u'fork_context': Context(3, u'fork.13780'), u'home_dir': u'/home/vagrant', u'good_temp_dir': u'/tmp/.ansible-vagrant/tmp'}
[pid 53505] 17:20:27.538191 D mitogen.ctx.fork.13780: mitogen: register(Context(2, 'parent'), mitogen.core.Stream('parent'))
[pid 53505] 17:20:27.540185 D mitogen: CallChain(Context(2, u'ssh.192.168.33.12')).call_async(): mitogen.parent._proxy_connect(method_name=u'su', name=None, kwargs=Kwargs({u'username': u'db2inst1', u'profiling': False, u'python_path': [u'/usr/bin/python'], 'unidirectional': True, u'debug': True, u'su_path': None, u'password': [secret], u'connect_timeout': 10}))
[pid 53505] 17:20:27.541204 D mitogen.ctx.fork.13780: mitogen: Connected to Context(2, 'parent'); my ID is 3, PID is 13780
[pid 53505] 17:20:27.542258 D mitogen: Context(2, u'ssh.192.168.33.12').send_async(Message(2, 0, 0, 101, 1001, '\x80\x02(NX\x0e\x00\x00\x00mitogen.parentNX\x0e\x00\x00\x00_proxy_connect)cmitog'..351))
[pid 53505] 17:20:27.543250 D mitogen.ctx.fork.13780: mitogen: Recovered sys.executable: '/usr/bin/python'
[pid 53505] 17:20:27.561552 D mitogen.ctx.ssh.192.168.33.12: mitogen: _dispatch_one((None, u'mitogen.parent', None, u'_proxy_connect', (), Kwargs({'method_name': u'su', 'name': None, 'kwargs': Kwargs({u'username': u'db2inst1', u'profiling': False, u'python_path': [u'/usr/bin/python'], 'unidirectional': True, u'debug': True, u'su_path': None, u'password': [secret], u'connect_timeout': 10})})))
[pid 53505] 17:20:27.564731 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer().find_module('mitogen.su')
[pid 53505] 17:20:27.565780 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer.load_module(u'mitogen.su')
[pid 53505] 17:20:27.567847 D mitogen.ctx.ssh.192.168.33.12: mitogen: _request_module(u'mitogen.su'): new request
[pid 53505] 17:20:27.568717 D mitogen: ModuleResponder(Router(Broker(0x11191ea90)))._on_get_module('mitogen.su')
[pid 53505] 17:20:27.571298 D mitogen: _send_load_module(mitogen.ssh.Stream(u'ssh.192.168.33.12'), u'mitogen.su')
[pid 53505] 17:20:27.581961 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer._on_load_module(u'mitogen.su')
[pid 53505] 17:20:27.588042 D mitogen.ctx.ssh.192.168.33.12: mitogen: mitogen.su.Stream(u'default').connect()
[pid 53505] 17:20:27.616119 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer().find_module('encodings.base64_codec')
[pid 53505] 17:20:27.617965 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer(): 'encodings.base64_codec' is submodule of a package we did not load
[pid 53505] 17:20:27.619217 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer().find_module('encodings.base64')
[pid 53505] 17:20:27.620217 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer(): 'encodings.base64' is submodule of a package we did not load
[pid 53505] 17:20:27.621565 D mitogen.ctx.ssh.192.168.33.12: mitogen: Importer().find_module('base64')
[pid 53505] 17:20:27.623912 D mitogen.ctx.ssh.192.168.33.12: mitogen: tty_create_child() child 13782 fd 18, parent 13771, cmd: su db2inst1 -c "/usr/bin/python -c \"import codecs,os,sys;_=codecs.decode;exec(_(_(\\\"eNqFkTFrwzAQhef4V3iTRIQjxUPAIGjJUDqUginN0IYi23IiqkhCduKmv74XuxA7Hbrdx3un9zjldCNck3jtFSZRoN2IdB0D1C58YpJFM5iro19iRjlj5Mo5HVMAlQ9cGtconI8hjGEzhg4AApszxBvZQuohFiJGlQydtiiWtupF9aXKYysLo3p5cWzCotB24c/t3lkEPWc3trnoF08qNNrZtyzd9rHKnnQARvf5wytDWzFdGzyABk8FOsU5wgfdup2y2UnugrTtnXWVYjwJe2US40ppMp6uVpwgEsGbXdCtwpyip8eXZ8bYu0XQpYQdTEi0Fh/4cvTKeWXh1CgUiCRByQrz5SpNCUXf2sNLtRdX34airkCXf6j9b8C6n4fb3ri7/9x/W/JJyx/uq7Gg\\\".encode(),\\\"base64\\\"),\\\"zip\\\"))\""
[pid 53505] 17:20:27.625074 D mitogen.ctx.ssh.192.168.33.12: mitogen: mitogen.su.Stream(u'local.13782').connect(): child process stdin/stdout=18
[pid 53505] 17:20:28.965628 D mitogen.ctx.ssh.192.168.33.12: mitogen.su: mitogen.su.Stream(u'local.13782'): received '\xd0\x9f\xd0\xb0\xd1\x80\xd0\xbe\xd0\xbb\xd1\x8c: '
[pid 53505] 17:20:37.587632 D mitogen.ctx.ssh.192.168.33.12: mitogen: mitogen.su.Stream(u'local.13782'): child process still alive, sending SIGTERM
[pid 53505] 17:20:37.588485 D mitogen.ctx.ssh.192.168.33.12: mitogen: _dispatch_calls: Message(2, 0, 0, 101, 1001, '\x80\x02(NX\x0e\x00\x00\x00mitogen.parentNX\x0e\x00\x00\x00_proxy_connect)cmitog'..351) -> {u'msg': 'error occurred on host node01.rhel.local: Connection timed out.', u'id': None, u'name': None}
[pid 53506] 17:20:37.597285 D mitogen: mitogen.core.Stream(u'unix_listener.53505').on_disconnect()
[pid 53506] 17:20:37.598276 D mitogen: Waker(Broker(0x11196ff90) rfd=45, wfd=46).on_disconnect()
[pid 53505] 17:20:37.598553 D mitogen: mitogen.core.Stream(u'unix_client.53506').on_disconnect()
[pid 53505] 17:20:37.601531 D mitogen: Context(1, None).on_disconnect()
fatal: [node01]: FAILED! => {}

MSG:

error occurred on host node01.rhel.local: Connection timed out.

…-fastrack 16439-remove fromuser to support multi cli

dw added a commit that referenced this issue Feb 9, 2019

issue #520: add AIX auth failure string to su.

4abd34e

dw added user-reported and removed user-reported labels Feb 10, 2019

PatrickCoakley23 pushed a commit to cyara/mitogen that referenced this issue Nov 10, 2023

Merge pull request mitogen-hq#520 from spearlineltd/16439-sgp-sgp3-s1…

19bb371

…-fastrack 16439-remove fromuser to support multi cli

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ansible v2.6 become recursion issue #520

Ansible v2.6 become recursion issue #520

diioc commented Feb 8, 2019

dw commented Feb 8, 2019

dw commented Feb 8, 2019 •

edited

Loading

dw commented Feb 8, 2019

dw commented Feb 8, 2019

diioc commented Feb 11, 2019

dw commented Feb 11, 2019

diioc commented Feb 12, 2019

Ansible v2.6 become recursion issue #520

Ansible v2.6 become recursion issue #520

Comments

diioc commented Feb 8, 2019

dw commented Feb 8, 2019

dw commented Feb 8, 2019 • edited Loading

dw commented Feb 8, 2019

dw commented Feb 8, 2019

diioc commented Feb 11, 2019

dw commented Feb 11, 2019

diioc commented Feb 12, 2019

dw commented Feb 8, 2019 •

edited

Loading