<div dir="ltr">right this ansible lark is doing my nut in - simple automate my bottom!<div><br></div><div>I'm now getting:</div><div><br></div><div><div><br></div><div>failed: [10.0.100.56] => {"failed": true}</div><div>msg: Failed to lock apt for exclusive operation</div></div><div><br></div><div>i've running the playbook with</div><div><br></div><div><br></div><div><div>sudo ansible-playbook ansible/upgrade-server.yml -vvvv -s -kK --sudo-user administrator</div></div><div><br></div><div>so i'm specifying use sudo and have the user as administrator</div><div><br></div><div><br></div><div>In the server I'm connecting to in my sudeors file i've got</div><div><br></div><div><div>administrator ALL=(ALL) NOPASSWD:ALL</div></div><div><div>%sudo ALL=NOPASSWD: ALL</div></div><div><br></div><div><br></div><div>So ignoring how insecure that if for a moment I can run sudo apt-get whatever on the remote server without having to input a password - i've confirmed this is the case</div><div><br></div><div>My playbook looks like</div><div><br></div><div><div><br></div><div>- hosts: servers</div><div> gather_facts: no</div><div> sudo: yes</div><div> sudo_user: administrator</div><div> tasks:</div><div> - name: updates a server</div><div> apt: update_cache=yes</div><div> - name: upgrade a server</div><div> action: apt upgrade=dist</div><div><br></div></div><div><br></div><div>any thoughts kevin? anyone?</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 3 February 2015 at 19:35, Kevin Groves <span dir="ltr"><<a href="mailto:kgroves@cix.co.uk" target="_blank">kgroves@cix.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>So seeing things like:<br>
<br>
"10.0.100.37" from file "/root/.ssh/known_hosts<br>
<br>
100.37 isn't listed in your ansible hosts file so is that the
machine you are running FROM?<br>
<br>
Seems odd that known_hosts is a problem as that is for incoming
connections????<br>
<br>
I just looked at some of mine but I tend towards using root ssh
keys. I suggest stripping it back to a really simple task with
root keys for example. I think there is a switch to actually
prompt for passwords instead of use keys so this could be worth a
try to see what user(s) are really being used. Even worth
switching on sshd server debug too to see what end is doing what.<br>
<br>
Kev<div><div class="h5"><br>
<br>
<br>
<br>
On 03/02/15 19:03, Dan Attwood wrote:<br>
</div></div></div><div><div class="h5">
<blockquote type="cite">
<div dir="ltr">logged in as administrator and sudo
<div><br>
</div>
<div>so yes</div>
<div><br>
</div>
<div>I also tried it with one machine and adding administrator
to the sudoers files with passwd:all. but no dice</div>
<div> </div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 3 February 2015 at 18:59, Kevin
Groves <span dir="ltr"><<a href="mailto:kgroves@cix.co.uk" target="_blank">kgroves@cix.co.uk</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>On 03/02/15 12:30, Dan Attwood wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div> ssh-copy-id <a href="mailto:administrator@10.0.100.93" target="_blank">administrator@10.0.100.93</a></div>
<div><br>
</div>
<div><br>
</div>
</div>
</blockquote>
<br>
OK and you did that logged in as administrator? and when I
mean logged in as administrator you did login and not did
su administator? <br>
<br>
Kev
<div>
<div><br>
<br>
<br>
<blockquote type="cite">
<div dir="ltr">
<div>manage to hit send to soon</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 3 February 2015 at
12:29, Dan Attwood <span dir="ltr"><<a href="mailto:danattwood@gmail.com" target="_blank">danattwood@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">my host files looks like this:
<div><br>
</div>
<div>
<div>[all:vars]</div>
<div>ansible_sudo_pass=secretpassword</div>
<div><br>
</div>
<div>[servers]</div>
<div>10.0.100.56 </div>
<div>10.0.100.72</div>
<div>10.0.100.93</div>
<div>10.0.100.38</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div>my playbook is:</div>
<div><br>
</div>
<div>
<div>- hosts: servers</div>
<div> gather_facts: no</div>
<div> user: administrator</div>
<div> remote_user: administrator</div>
<div> sudo: yes</div>
<div> tasks:</div>
<div> - name: updates a server</div>
<div> apt: update_cache=yes</div>
<div> - name: upgrade a server</div>
<div> apt: upgrade=dist</div>
<div><br>
</div>
</div>
<div><br>
</div>
<div>So it thought I was pretty clear to
ansible that the user is 'administrator'</div>
<div><br>
</div>
<div><br>
</div>
<div>when i copied the keys over i did:</div>
<div><br>
</div>
<div><br>
</div>
</div>
<div>
<div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 3 February
2015 at 12:26, Kevin Groves <span dir="ltr"><<a href="mailto:kgroves@ksoft-creative-projects.co.uk" target="_blank">kgroves@ksoft-creative-projects.co.uk</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span><br>
On 03/02/15 09:00, Dan Attwood
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> ok i've
done that and that speed things
up a bit.<br>
unfortunately it speeds it
towards the next fail. witht he
debug on I can the errors lists
below.<br>
I've double checked that I can
ssh into the servers via kay and
I'm following the note I made
when I had this working at home
so and dan :-(<br>
<br>
error below<br>
<br>
<br>
fatal: [10.0.100.37] => SSH
encountered an unknown error.
The output was:<br>
OpenSSH_6.6.1, OpenSSL 1.0.1f 6
Jan 2014<br>
debug1: Reading configuration
data /etc/ssh/ssh_config<br>
debug1: /etc/ssh/ssh_config line
19: Applying options for *<br>
debug1: auto-mux: Trying
existing master<br>
</blockquote>
<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> debug1:
Control socket
"/home/administrator/.ansible/cp/ansible-ssh-10.0.100.37-22-administrator"
does not exist<br>
</blockquote>
<br>
</span> Is this home dir connected
with an 'administrator' user? It
could be that ansible is using the
wrong user key to connect with what
looks like 'root' on the other
machine.<br>
<br>
Hopefully its just a matter of which
user is being used on which side.<br>
<br>
You might also want to take a look
at the ansible config file. Mine is
in /etc/ansible/ansible.cfg which
has lines like:<br>
<br>
poll_interval = 15<br>
sudo_user = root<br>
#ask_sudo_pass = True<br>
#ask_pass = True<br>
transport = smart<br>
remote_port = 22<br>
<br>
I think you can be specific about
what users are used instead of
assuming it knows what you really
mean. :-)<br>
<br>
Kev
<div>
<div><br>
<br>
<br>
_______________________________________________<br>
Kent mailing list<br>
<a href="mailto:Kent@mailman.lug.org.uk" target="_blank">Kent@mailman.lug.org.uk</a><br>
<a href="https://mailman.lug.org.uk/mailman/listinfo/kent" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/kent</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Kent mailing list
<a href="mailto:Kent@mailman.lug.org.uk" target="_blank">Kent@mailman.lug.org.uk</a>
<a href="https://mailman.lug.org.uk/mailman/listinfo/kent" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/kent</a></pre>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
Kent mailing list<br>
<a href="mailto:Kent@mailman.lug.org.uk" target="_blank">Kent@mailman.lug.org.uk</a><br>
<a href="https://mailman.lug.org.uk/mailman/listinfo/kent" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/kent</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Kent mailing list
<a href="mailto:Kent@mailman.lug.org.uk" target="_blank">Kent@mailman.lug.org.uk</a>
<a href="https://mailman.lug.org.uk/mailman/listinfo/kent" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/kent</a></pre>
</blockquote>
<br>
</div></div></div>
<br>_______________________________________________<br>
Kent mailing list<br>
<a href="mailto:Kent@mailman.lug.org.uk">Kent@mailman.lug.org.uk</a><br>
<a href="https://mailman.lug.org.uk/mailman/listinfo/kent" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/kent</a><br></blockquote></div><br></div>