Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1461922 - become_method=su fails waiting for privilege escalation prompt
Summary: become_method=su fails waiting for privilege escalation prompt
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Ansible Engine
Classification: Red Hat
Component: ansible
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Pavel Cahyna
QA Contact: Leos Pol
URL:
Whiteboard:
Depends On: 1445712 1461920
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-06-15 15:44 UTC by Pavel Cahyna
Modified: 2018-04-18 14:59 UTC (History)
1 user (show)

Fixed In Version: ansible-2.3.1.0-2.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1445712
Environment:
Last Closed: 2017-08-02 00:19:51 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github ansible ansible issues 23689 0 None closed 'become' tasks fail (with a timeout msg) in 2.3.0 2020-03-31 20:46:40 UTC
Red Hat Product Errata RHEA-2017:2366 0 normal SHIPPED_LIVE new package: ansible 2017-08-08 22:54:16 UTC

Description Pavel Cahyna 2017-06-15 15:44:12 UTC 
+++ This bug was initially created as a clone of Bug #1445712 +++

Description of problem:
It's impossible to connect to hosts with become_method=su

It always fails with a timeout error:

TASK [Gathering Facts] ***************************************************************************************************************************************
fatal: [192.168.150.77]: FAILED! => {"failed": true, "msg": "Timeout (12s) waiting for privilege escalation prompt: "}


Version-Release number of selected component (if applicable):
ansible-2.3.0.0-3.fc25.noarch

Additional info:
I think it is upstream bug 23710: https://github.com/ansible/ansible/pull/23710

--- Additional comment from Juan Orti on 2017-04-26 07:13:27 EDT ---

Ansible issue 23689

--- Additional comment from Fedora Update System on 2017-06-01 19:06:50 EDT ---

ansible-2.3.1.0-1.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5279a157d2

--- Additional comment from Fedora Update System on 2017-06-01 19:07:09 EDT ---

ansible-2.3.1.0-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b316d2bb3b

--- Additional comment from Fedora Update System on 2017-06-02 22:50:31 EDT ---

ansible-2.3.1.0-1.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-5279a157d2

--- Additional comment from Fedora Update System on 2017-06-02 22:56:25 EDT ---

ansible-2.3.1.0-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b316d2bb3b

--- Additional comment from Juan Orti on 2017-06-11 15:17:36 EDT ---

This is an example playbook which timeouts for all the remote hosts with ansible-2.3.1.0-1.fc26.noarch.

It works for localhost, which has defined ansible_connection: local

- name: become_method=su test
  hosts: all
  become: yes
  become_method: su
  remote_user: juan
  tasks:
      - ping:


$ ansible-playbook playbooks/su-test.yml                                                                                                                                                            

PLAY [become_method=su test] **************************************************************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************************************************************
ok: [localhost]
fatal: [remotehost1]: FAILED! => {"failed": true, "msg": "Timeout (12s) waiting for privilege escalation prompt: "}
fatal: [remotehost2]: FAILED! => {"failed": true, "msg": "Timeout (12s) waiting for privilege escalation prompt: "}

TASK [ping] *******************************************************************************************************************************************************************************************************
ok: [localhost]

PLAY RECAP ********************************************************************************************************************************************************************************************************
remotehost1                      : ok=0    changed=0    unreachable=0    failed=1   
remotehost2                      : ok=0    changed=0    unreachable=0    failed=1   
localhost                      : ok=2    changed=0    unreachable=0    failed=0

--- Additional comment from Juan Orti on 2017-06-11 16:29:29 EDT ---

Sorry, after introducing the become password with -K, this test playbook works in Fedora and epel7.

Tomorrow I'll check some complex playbooks we have at work which were failing these days.

--- Additional comment from Juan Orti on 2017-06-12 06:29:20 EDT ---

After a more detailed review, I can confirm this issue is fixed in Fedora.

Thank you.
Comment 1 Pavel Cahyna 2017-06-15 15:56:30 UTC 
The simplest way to reproduce seems to be: ansible -a : localhost, -b --become-method=su --become-user=root -K
Comment 4 errata-xmlrpc 2017-08-02 00:19:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:2366
Note You need to log in before you can comment on or make changes to this bug.