search

ansible-collections / community.general

Ansible Community General Collection
https://galaxy.ansible.com/ui/repo/published/community/general/
GNU General Public License v3.0
840 stars 1.54k forks source link

become_method: machinectl fails on localhost #8278

Open jarppiko opened 7 months ago

jarppiko commented 7 months ago

Summary

Any Ansible task fails if ran with become:true and become_method: machinectl with error:

fatal: [localhost]: FAILED! => {
    "changed": false,
    "module_stderr": "",
    "module_stdout": "\n",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 0
}

I am running Ansible playbook locally on a Ubuntu 23.10 server as root. Otherwise Ansible works fine, but all tasks with become_method: machinectl fail. Running the same command with default become_method (sudo) works fine. Also, if I set Ansible not to delete the temp files (export ANSIBLE_KEEP_REMOTE_FILES=1) and manually run the EXEC line printed out with -vvvv option, the command performs just fine. I need to use machinectl since I am setting up rootless Podman pods with Ansible.

Since the error message is not that informative, I am grateful for any debugging tips if not full solution.

UPDATE: it seems this happens when running a playbook in localhost only. When running Ansible over SSH, become_method: machinectl works.

Issue Type

Bug Report

Component Name

community.general.machinectl become

Ansible Version

$ ansible --version
ansible [core 2.16.5]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/etc/ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /etc/ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.6 (main, Oct  8 2023, 05:06:43) [GCC 13.2.0] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

Community.general Version

$ ansible-galaxy collection list community.general

# /etc/ansible/collections/ansible_collections
Collection        Version
----------------- -------
community.general 8.5.0

# /usr/lib/python3/dist-packages/ansible_collections
Collection        Version
----------------- -------
community.general 8.5.0

Configuration

$ ansible-config dump --only-changed
ANSIBLE_HOME(/etc/ansible/ansible.cfg) = /etc/ansible
CONFIG_FILE() = /etc/ansible/ansible.cfg
DEFAULT_ASK_VAULT_PASS(/etc/ansible/ansible.cfg) = True
DEFAULT_BECOME(/etc/ansible/ansible.cfg) = True

OS / Environment

Ubuntu 23.10 Mantic 

$ uname -a
Linux hostname 6.5.0-28-generic #29-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 28 23:46:48 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

Steps to Reproduce

    - name: Debug become...
      ansible.builtin.command: touch ~/foo
      become: true
      become_user: promtail
      become_method: machinectl

Expected Results

I expect become_method: machinectl to work normally and execute tasks.

Actual Results

TASK [Debug become...] ******************************************************************************************************
task path: /etc/ansible/playbooks/20_podman_promtail.yaml:104
redirecting (type: become) ansible.builtin.machinectl to community.general.machinectl
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/tmp `"&& mkdir "` echo /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092 `" && echo ansible-tmp-1713982340.6394355-179110-172289444619092="` echo /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092 `" ) && sleep 0'
Using module file /usr/lib/python3/dist-packages/ansible/modules/command.py
<127.0.0.1> PUT /etc/ansible/tmp/ansible-local-178731rhupgbr8/tmpoxsvue5z TO /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/AnsiballZ_command.py
<127.0.0.1> EXEC /bin/sh -c 'setfacl -m u:promtail:r-x /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/ /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/AnsiballZ_command.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/ /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/AnsiballZ_command.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'chown promtail /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/ /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/AnsiballZ_command.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'machinectl -q shell  promtail@ /bin/sh -c '"'"'echo BECOME-SUCCESS-snvgczlnebvoceqzixebrsuhmmtaaxhq ; /usr/bin/python3 /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/AnsiballZ_command.py'"'"' && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/tmp/ansible-tmp-1713982340.6394355-179110-172289444619092/ > /dev/null 2>&1 && sleep 0'
fatal: [localhost]: FAILED! => {
    "changed": false,
    "module_stderr": "",
    "module_stdout": "\n",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 0
}

Code of Conduct

ansibullbot commented 7 months ago

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

ansibullbot commented 7 months ago

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

ansibullbot commented 7 months ago

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

ansibullbot commented 7 months ago

cc @None click here for bot help

felixfontein commented 7 months ago

!component =plugins/become/machinectl.py

ansibullbot commented 7 months ago

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

jarppiko commented 7 months ago

I get the same error also with the latest community.general 8.6.0. It also fails on:

I span out AWS instances to try it out on fresh installs. This is not Ubuntu related.

jarppiko commented 7 months ago

It seems this happens when running a playbook in localhost only. When running Ansible over SSH, become_method: machinectl works.