Open ghost opened 1 year ago
Can you post a verbose output? I think -vvv would be enough to start.
Hey @mattwit
thanks for taking a look. For reproducibility I did a factory_reset
of the OM1200 running
# cat /etc/version
22.11.0
after the factory reset, I only changed the root password.
playbook is:
---
- hosts:
- om1200-test
remote_user: root
collections:
- opengear.om
connection: httpapi
become: false
gather_facts: false
vars:
ansible_python_interpreter: /usr/bin/python3
ansible_network_os: opengear.om.om
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_password: testpassword
tasks:
- name: Add SSH Keys
opengear.om.om_system:
config:
system_authorized_keys:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDbCQvx2Y6ewjgbqQr8ZBQVN99F2lNc0WfrYnL4sN+uwfOQqGZ3IEbtvZa1gorH4ucxIcEEQnjCfwD7HGFW/NIu8VwFU2fTedyqcfXEqvXUykqxmVjtaaoTgaoH16Ws32AHVbj7/vcQv5fQryigcwHJGEUfU7a/gso9aSopGUyeAa475XxPEJmSYxc/4As+7E+OA9Ty5o03tmeCr3yM/cDjbBXB9kO0Bcr9BU354CYIrrUxoFYK403VhErjC/csm6G26cj364sMwL1F64jm0PcmPhzGqrOLUo/EsrQptaqyai29J/jmCtAHlhwGysYSd6TTudchnUNc0oCdM5AO+7FWPSm191Qim+rsc4flD+rg/op/GNYtx3hSH/GEQKpFS8P/32N0Ui0i13TVsYSgPrIe69DHuhMpFVnDNb9fmhEtZbtpplx21oVVJMjBj4G2NHzPTOmd2kII80PUFRh6IdF9Cyru7fK5+TeWK4WuDTddTXzfbko+lVBvjvurhLvrmn8= test@test
username: root
id: users_ssh_authorized_keys-42
state:
merged
TASK [Add SSH Keys] ****************************************************************************************************************************************************************************
task path: /home/mrhode/git/oob-automation/test.yml:17
Saturday 04 February 2023 07:46:53 +0100 (0:00:00.023) 0:00:00.023 *****
redirecting (type: connection) ansible.builtin.httpapi to ansible.netcommon.httpapi
<om1200-test> ESTABLISH LOCAL CONNECTION FOR USER: mrhode
<om1200-test> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/mrhode/.ansible/tmp/ansible-local-668900qbozog `"&& mkdir "` echo /home/mrhode/.ansible/tmp/ansible-local-668900qbozog/ansible-tmp-1675493214.08702-6705-50906566664049 `" && echo ansible-tmp-1675493214.08702-6705-50906566664049="` echo /home/mrhode/.ansible/tmp/ansible-local-668900qbozog/ansible-tmp-1675493214.08702-6705-50906566664049 `" ) && sleep 0'
Using module file /home/mrhode/git/oob-automation/collections/ansible_collections/opengear/om/plugins/modules/om_system.py
<om1200-test> PUT /home/mrhode/.ansible/tmp/ansible-local-668900qbozog/tmp8fn11ppx TO /home/mrhode/.ansible/tmp/ansible-local-668900qbozog/ansible-tmp-1675493214.08702-6705-50906566664049/AnsiballZ_om_system.py
<om1200-test> EXEC /bin/sh -c 'chmod u+x /home/mrhode/.ansible/tmp/ansible-local-668900qbozog/ansible-tmp-1675493214.08702-6705-50906566664049/ /home/mrhode/.ansible/tmp/ansible-local-668900qbozog/ansible-tmp-1675493214.08702-6705-50906566664049/AnsiballZ_om_system.py && sleep 0'
<om1200-test> EXEC /bin/sh -c '/usr/bin/python3 /home/mrhode/.ansible/tmp/ansible-local-668900qbozog/ansible-tmp-1675493214.08702-6705-50906566664049/AnsiballZ_om_system.py && sleep 0'
<om1200-test> EXEC /bin/sh -c 'rm -f -r /home/mrhode/.ansible/tmp/ansible-local-668900qbozog/ansible-tmp-1675493214.08702-6705-50906566664049/ > /dev/null 2>&1 && sleep 0'
fatal: [om1200-test]: FAILED! => changed=false
invocation:
module_args:
config:
admin_info:
contact: support@opengear.com
hostname: om1208-8e-l
location: Unspecified (Configure under System Administration)
banner: |2-
********************************************************************************
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this
device. Unauthorized attempts and actions to access or use this system may
result in civil and/or criminal penalties. All activities performed on this
device are logged and monitored.
********************************************************************************
cell_reliability_test: null
cli_session_timeout: 0
hostname: om1208-8e-l
reboot: false
ssh_port: 22
system_authorized_keys:
- id: users_ssh_authorized_keys-1
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDbCQvx2Y6ewjgbqQr8ZBQVN99F2lNc0WfrYnL4sN+uwfOQqGZ3IEbtvZa1gorH4ucxIcEEQnjCfwD7HGFW/NIu8VwFU2fTedyqcfXEqvXUykqxmVjtaaoTgaoH16Ws32AHVbj7/vcQv5fQryigcwHJGEUfU7a/gso9aSopGUyeAa475XxPEJmSYxc/4As+7E+OA9Ty5o03tmeCr3yM/cDjbBXB9kO0Bcr9BU354CYIrrUxoFYK403VhErjC/csm6G26cj364sMwL1F64jm0PcmPhzGqrOLUo/EsrQptaqyai29J/jmCtAHlhwGysYSd6TTudchnUNc0oCdM5AO+7FWPSm191Qim+rsc4flD+rg/op/GNYtx3hSH/GEQKpFS8P/32N0Ui0i13TVsYSgPrIe69DHuhMpFVnDNb9fmhEtZbtpplx21oVVJMjBj4G2NHzPTOmd2kII80PUFRh6IdF9Cyru7fK5+TeWK4WuDTddTXzfbko+lVBvjvurhLvrmn8= test@test
multi_field_identifier: root 3072 SHA256:5HiTlqmRSWTZui10IyoQq5qZd+XDyomDyBSlOdDhpDo test@test (RSA)
username: root
time: 06:46 Feb 04, 2023
timezone: UTC
webui_session_timeout: 20
state: merged
msg: 'Unsupported parameters for (basic.py) module: config.system_authorized_keys.multi_field_identifier. Supported parameters include: config, state.'
$ ansible --version
ansible [core 2.13.7]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/mrhode/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/mrhode/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.10.6 (main, Nov 14 2022, 16:10:14) [GCC 11.3.0]
jinja version = 3.0.3
libyaml = True
$ ansible-galaxy collection list
# /usr/lib/python3/dist-packages/ansible_collections
Collection Version
----------------------------- -------
amazon.aws 3.5.0
ansible.netcommon 3.1.3
ansible.posix 1.4.0
ansible.utils 2.8.0
ansible.windows 1.12.0
arista.eos 5.0.1
awx.awx 21.10.0
azure.azcollection 1.14.0
check_point.mgmt 2.3.0
chocolatey.chocolatey 1.3.1
cisco.aci 2.3.0
cisco.asa 3.1.0
cisco.dnac 6.6.1
cisco.intersight 1.0.22
cisco.ios 3.3.2
cisco.iosxr 3.3.1
cisco.ise 2.5.9
cisco.meraki 2.13.0
cisco.mso 2.1.0
cisco.nso 1.0.3
cisco.nxos 3.2.0
cisco.ucs 1.8.0
cloud.common 2.1.2
cloudscale_ch.cloud 2.2.3
community.aws 3.6.0
community.azure 1.1.0
community.ciscosmb 1.0.5
community.crypto 2.9.0
community.digitalocean 1.22.0
community.dns 2.4.2
community.docker 2.7.3
community.fortios 1.0.0
community.general 5.8.3
community.google 1.0.0
community.grafana 1.5.3
community.hashi_vault 3.4.0
community.hrobot 1.6.0
community.libvirt 1.2.0
community.mongodb 1.4.2
community.mysql 3.5.1
community.network 4.0.2
community.okd 2.2.0
community.postgresql 2.3.1
community.proxysql 1.4.0
community.rabbitmq 1.2.3
community.routeros 2.5.0
community.sap 1.0.0
community.sap_libs 1.4.0
community.skydive 1.0.0
community.sops 1.5.0
community.vmware 2.10.2
community.windows 1.11.1
community.zabbix 1.9.0
containers.podman 1.10.1
cyberark.conjur 1.2.0
cyberark.pas 1.0.14
dellemc.enterprise_sonic 1.1.2
dellemc.openmanage 5.5.0
dellemc.os10 1.1.1
dellemc.os6 1.0.7
dellemc.os9 1.0.4
f5networks.f5_modules 1.21.0
fortinet.fortimanager 2.1.7
fortinet.fortios 2.2.1
frr.frr 2.0.0
gluster.gluster 1.0.2
google.cloud 1.0.2
hetzner.hcloud 1.9.0
hpe.nimble 1.1.4
ibm.qradar 2.1.0
ibm.spectrum_virtualize 1.10.0
infinidat.infinibox 1.3.12
infoblox.nios_modules 1.4.1
inspur.ispim 1.2.0
inspur.sm 2.3.0
junipernetworks.junos 3.1.0
kubernetes.core 2.3.2
lowlydba.sqlserver 1.2.0
mellanox.onyx 1.0.0
netapp.aws 21.7.0
netapp.azure 21.10.0
netapp.cloudmanager 21.21.0
netapp.elementsw 21.7.0
netapp.ontap 21.24.1
netapp.storagegrid 21.11.1
netapp.um_info 21.8.0
netapp_eseries.santricity 1.3.1
netbox.netbox 3.9.0
ngine_io.cloudstack 2.3.0
ngine_io.exoscale 1.0.0
ngine_io.vultr 1.1.2
openstack.cloud 1.10.0
openvswitch.openvswitch 2.1.0
ovirt.ovirt 2.4.1
purestorage.flasharray 1.15.0
purestorage.flashblade 1.10.0
purestorage.fusion 1.2.0
sensu.sensu_go 1.13.1
servicenow.servicenow 1.0.6
splunk.es 2.1.0
t_systems_mms.icinga_director 1.31.4
theforeman.foreman 3.7.0
vmware.vmware_rest 2.2.0
vultr.cloud 1.3.1
vyos.vyos 3.0.1
wti.remote 1.0.4
interestingly the key is actually deployed:
# ogcli get system/system_authorized_keys
ogcli get system/system_authorized_key "root 3072 SHA256:5HiTlqmRSWTZui10IyoQq5qZd+XDyomDyBSlOdDhpDo test@test (RSA)"
id="users_ssh_authorized_keys-1"
key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDbCQvx2Y6ewjgbqQr8ZBQVN99F2lNc0WfrYnL4sN+uwfOQqGZ3IEbtvZa1gorH4ucxIcEEQnjCfwD7HGFW/NIu8VwFU2fTedyqcfXEqvXUykqxmVjtaaoTgaoH16Ws32AHVbj7/vcQv5fQryigcwHJGEUfU7a/gso9aSopGUyeAa475XxPEJmSYxc/4As+7E+OA9Ty5o03tmeCr3yM/cDjbBXB9kO0Bcr9BU354CYIrrUxoFYK403VhErjC/csm6G26cj364sMwL1F64jm0PcmPhzGqrOLUo/EsrQptaqyai29J/jmCtAHlhwGysYSd6TTudchnUNc0oCdM5AO+7FWPSm191Qim+rsc4flD+rg/op/GNYtx3hSH/GEQKpFS8P/32N0Ui0i13TVsYSgPrIe69DHuhMpFVnDNb9fmhEtZbtpplx21oVVJMjBj4G2NHzPTOmd2kII80PUFRh6IdF9Cyru7fK5+TeWK4WuDTddTXzfbko+lVBvjvurhLvrmn8= test@test"
key_fingerprint="3072 SHA256:5HiTlqmRSWTZui10IyoQq5qZd+XDyomDyBSlOdDhpDo test@test (RSA)"
multi_field_identifier="root 3072 SHA256:5HiTlqmRSWTZui10IyoQq5qZd+XDyomDyBSlOdDhpDo test@test (RSA)"
username="root"
but now running other playbooks fail (slightly adapted system_config.yml playbook):
---
- hosts: om1200-test
remote_user: root
collections:
- opengear.om
connection: httpapi
become: false
gather_facts: false
vars:
ansible_python_interpreter: /usr/bin/python3
ansible_network_os: opengear.om.om
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_password: testpassword
tasks:
- name: Change Admin Infro
opengear.om.om_system:
config:
admin_info:
hostname: om1000
contact: avankatw@digi.com.au
location: AUS
- name: Change Timezone
opengear.om.om_system:
config:
timezone: Australia/Brisbane
TASK [Change Admin Infro] **********************************************************************************************************************************************************************
task path: /home/mrhode/git/oob-automation/system_config2.yaml:16
Saturday 04 February 2023 07:57:05 +0100 (0:00:00.023) 0:00:00.023 *****
redirecting (type: connection) ansible.builtin.httpapi to ansible.netcommon.httpapi
<om1200-test> ESTABLISH LOCAL CONNECTION FOR USER: mrhode
<om1200-test> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp `"&& mkdir "` echo /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp/ansible-tmp-1675493825.813138-7177-87734492802720 `" && echo ansible-tmp-1675493825.813138-7177-87734492802720="` echo /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp/ansible-tmp-1675493825.813138-7177-87734492802720 `" ) && sleep 0'
Using module file /home/mrhode/git/oob-automation/collections/ansible_collections/opengear/om/plugins/modules/om_system.py
<om1200-test> PUT /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp/tmpvbu2w80w TO /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp/ansible-tmp-1675493825.813138-7177-87734492802720/AnsiballZ_om_system.py
<om1200-test> EXEC /bin/sh -c 'chmod u+x /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp/ansible-tmp-1675493825.813138-7177-87734492802720/ /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp/ansible-tmp-1675493825.813138-7177-87734492802720/AnsiballZ_om_system.py && sleep 0'
<om1200-test> EXEC /bin/sh -c '/usr/bin/python3 /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp/ansible-tmp-1675493825.813138-7177-87734492802720/AnsiballZ_om_system.py && sleep 0'
<om1200-test> EXEC /bin/sh -c 'rm -f -r /home/mrhode/.ansible/tmp/ansible-local-7161cmezghnp/ansible-tmp-1675493825.813138-7177-87734492802720/ > /dev/null 2>&1 && sleep 0'
fatal: [om1200-test]: FAILED! => changed=false
invocation:
module_args:
config:
admin_info:
contact: support@opengear.com
hostname: om1208-8e-l
location: Unspecified (Configure under System Administration)
banner: |2-
********************************************************************************
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this
device. Unauthorized attempts and actions to access or use this system may
result in civil and/or criminal penalties. All activities performed on this
device are logged and monitored.
********************************************************************************
cell_reliability_test: null
cli_session_timeout: 0
hostname: om1208-8e-l
reboot: false
ssh_port: 22
system_authorized_keys:
- id: users_ssh_authorized_keys-1
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDbCQvx2Y6ewjgbqQr8ZBQVN99F2lNc0WfrYnL4sN+uwfOQqGZ3IEbtvZa1gorH4ucxIcEEQnjCfwD7HGFW/NIu8VwFU2fTedyqcfXEqvXUykqxmVjtaaoTgaoH16Ws32AHVbj7/vcQv5fQryigcwHJGEUfU7a/gso9aSopGUyeAa475XxPEJmSYxc/4As+7E+OA9Ty5o03tmeCr3yM/cDjbBXB9kO0Bcr9BU354CYIrrUxoFYK403VhErjC/csm6G26cj364sMwL1F64jm0PcmPhzGqrOLUo/EsrQptaqyai29J/jmCtAHlhwGysYSd6TTudchnUNc0oCdM5AO+7FWPSm191Qim+rsc4flD+rg/op/GNYtx3hSH/GEQKpFS8P/32N0Ui0i13TVsYSgPrIe69DHuhMpFVnDNb9fmhEtZbtpplx21oVVJMjBj4G2NHzPTOmd2kII80PUFRh6IdF9Cyru7fK5+TeWK4WuDTddTXzfbko+lVBvjvurhLvrmn8= test@test
multi_field_identifier: root 3072 SHA256:5HiTlqmRSWTZui10IyoQq5qZd+XDyomDyBSlOdDhpDo test@test (RSA)
username: root
time: 06:56 Feb 04, 2023
timezone: UTC
webui_session_timeout: 20
state: merged
msg: 'Unsupported parameters for (basic.py) module: config.system_authorized_keys.multi_field_identifier. Supported parameters include: config, state.'
deleting the key:
# ogcli delete system/system_authorized_key "root 3072 SHA256:5HiTlqmRSWTZui10IyoQq5qZd+XDyomDyBSlOdDhpDo test@test (RSA)"
# ogcli get system/system_authorized_keys
[]
and running above playbook again:
TASK [Change Admin Infro] **********************************************************************************************************************************************************************
task path: /home/mrhode/git/oob-automation/system_config2.yaml:16
Saturday 04 February 2023 08:01:57 +0100 (0:00:00.023) 0:00:00.023 *****
redirecting (type: connection) ansible.builtin.httpapi to ansible.netcommon.httpapi
<om1200-test> ESTABLISH LOCAL CONNECTION FOR USER: mrhode
<om1200-test> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv `"&& mkdir "` echo /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494117.56177-7300-261705116047376 `" && echo ansible-tmp-1675494117.56177-7300-261705116047376="` echo /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494117.56177-7300-261705116047376 `" ) && sleep 0'
Using module file /home/mrhode/git/oob-automation/collections/ansible_collections/opengear/om/plugins/modules/om_system.py
<om1200-test> PUT /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/tmpvq1rzbto TO /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494117.56177-7300-261705116047376/AnsiballZ_om_system.py
<om1200-test> EXEC /bin/sh -c 'chmod u+x /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494117.56177-7300-261705116047376/ /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494117.56177-7300-261705116047376/AnsiballZ_om_system.py && sleep 0'
<om1200-test> EXEC /bin/sh -c '/usr/bin/python3 /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494117.56177-7300-261705116047376/AnsiballZ_om_system.py && sleep 0'
<om1200-test> EXEC /bin/sh -c 'rm -f -r /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494117.56177-7300-261705116047376/ > /dev/null 2>&1 && sleep 0'
changed: [om1200-test] => changed=true
after:
admin_info:
contact: avankatw@digi.com.au
hostname: om1000
location: AUS
banner: |2-
********************************************************************************
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this
device. Unauthorized attempts and actions to access or use this system may
result in civil and/or criminal penalties. All activities performed on this
device are logged and monitored.
********************************************************************************
cell_reliability_test: null
cli_session_timeout: 0
hostname: om1000
reboot: false
ssh_port: 22
system_authorized_keys: null
time: 07:01 Feb 04, 2023
timezone: UTC
webui_session_timeout: 20
before:
admin_info:
contact: support@opengear.com
hostname: om1208-8e-l
location: Unspecified (Configure under System Administration)
banner: |2-
********************************************************************************
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this
device. Unauthorized attempts and actions to access or use this system may
result in civil and/or criminal penalties. All activities performed on this
device are logged and monitored.
********************************************************************************
cell_reliability_test: null
cli_session_timeout: 0
hostname: om1208-8e-l
reboot: false
ssh_port: 22
system_authorized_keys: null
time: 07:01 Feb 04, 2023
timezone: UTC
webui_session_timeout: 20
commands:
- data:
system_admin_info:
contact: avankatw@digi.com.au
hostname: om1000
location: AUS
method: PUT
path: system/admin_info
invocation:
module_args:
config:
admin_info:
contact: avankatw@digi.com.au
hostname: om1000
location: AUS
banner: null
cell_reliability_test: null
cli_session_timeout: null
hostname: null
reboot: null
ssh_port: null
system_authorized_keys: null
time: null
timezone: null
webui_session_timeout: null
state: merged
TASK [Change Timezone] *************************************************************************************************************************************************************************
task path: /home/mrhode/git/oob-automation/system_config2.yaml:24
Saturday 04 February 2023 08:02:06 +0100 (0:00:09.752) 0:00:09.775 *****
redirecting (type: connection) ansible.builtin.httpapi to ansible.netcommon.httpapi
<om1200-test> ESTABLISH HTTP(S) CONNECTFOR USER: root TO https://om1200-test:443
<om1200-test> ESTABLISH LOCAL CONNECTION FOR USER: mrhode
<om1200-test> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv `"&& mkdir "` echo /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494127.2333837-7330-36921882483783 `" && echo ansible-tmp-1675494127.2333837-7330-36921882483783="` echo /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494127.2333837-7330-36921882483783 `" ) && sleep 0'
Using module file /home/mrhode/git/oob-automation/collections/ansible_collections/opengear/om/plugins/modules/om_system.py
<om1200-test> PUT /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/tmp9n0jex0v TO /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494127.2333837-7330-36921882483783/AnsiballZ_om_system.py
<om1200-test> EXEC /bin/sh -c 'chmod u+x /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494127.2333837-7330-36921882483783/ /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494127.2333837-7330-36921882483783/AnsiballZ_om_system.py && sleep 0'
<om1200-test> EXEC /bin/sh -c '/usr/bin/python3 /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494127.2333837-7330-36921882483783/AnsiballZ_om_system.py && sleep 0'
<om1200-test> EXEC /bin/sh -c 'rm -f -r /home/mrhode/.ansible/tmp/ansible-local-72846gmq94jv/ansible-tmp-1675494127.2333837-7330-36921882483783/ > /dev/null 2>&1 && sleep 0'
changed: [om1200-test] => changed=true
after:
admin_info:
contact: avankatw@digi.com.au
hostname: om1000
location: AUS
banner: |2-
********************************************************************************
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this
device. Unauthorized attempts and actions to access or use this system may
result in civil and/or criminal penalties. All activities performed on this
device are logged and monitored.
********************************************************************************
cell_reliability_test: null
cli_session_timeout: 0
hostname: om1000
reboot: false
ssh_port: 22
system_authorized_keys: null
time: 17:01 Feb 04, 2023
timezone: Australia/Brisbane
webui_session_timeout: 20
before:
admin_info:
contact: avankatw@digi.com.au
hostname: om1000
location: AUS
banner: |2-
********************************************************************************
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this
device. Unauthorized attempts and actions to access or use this system may
result in civil and/or criminal penalties. All activities performed on this
device are logged and monitored.
********************************************************************************
cell_reliability_test: null
cli_session_timeout: 0
hostname: om1000
reboot: false
ssh_port: 22
system_authorized_keys: null
time: 07:01 Feb 04, 2023
timezone: UTC
webui_session_timeout: 20
commands:
- data:
system_timezone:
timezone: Australia/Brisbane
method: PUT
path: system/timezone
invocation:
module_args:
config:
admin_info: null
banner: null
cell_reliability_test: null
cli_session_timeout: null
hostname: null
reboot: null
ssh_port: null
system_authorized_keys: null
time: null
timezone: Australia/Brisbane
webui_session_timeout: null
state: merged
META: ran handlers
META: ran handlers
PLAY RECAP *************************************************************************************************************************************************************************************
om1200-test : ok=2 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
success. \o/
above system_config.yml
playbook succeeds with
- name: Add SSH Keys
opengear.om.om_system:
config:
system_authorized_keys:
- key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test
username: root
id: users_ssh_authorized_keys-1
state:
deleted
but with state: merged
it results in
fatal: [om1200-test]: FAILED! => changed=false
invocation:
module_args:
config:
admin_info:
contact: avankatw@digi.com.au
hostname: om1000
location: AUS
banner: |2-
********************************************************************************
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
You must have explicit, authorized permission to access or configure this
device. Unauthorized attempts and actions to access or use this system may
result in civil and/or criminal penalties. All activities performed on this
device are logged and monitored.
********************************************************************************
cell_reliability_test: null
cli_session_timeout: 0
hostname: om1000
reboot: false
ssh_port: 22
system_authorized_keys:
- id: users_ssh_authorized_keys-2
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test
multi_field_identifier: root 2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)
username: root
time: 17:06 Feb 04, 2023
timezone: Australia/Brisbane
webui_session_timeout: 20
state: merged
msg: 'Unsupported parameters for (basic.py) module: config.system_authorized_keys.multi_field_identifier. Supported parameters include: state, config.'
but the key is deployed:
# ogcli get system/system_authorized_keys
ogcli get system/system_authorized_key "root 2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)"
id="users_ssh_authorized_keys-2"
key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test"
key_fingerprint="2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)"
multi_field_identifier="root 2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)"
username="root"
and the Change Admin Infro
tasks fails again when running the playbook again.
Hello,
trying to manage ssh keys, adapted from https://github.com/opengear/opengear.om/blob/master/playbooks/system_config.yaml
results in:
state:
overriden
,merged
andgathered
I run version "22.11.0" and the
multi_field_identifier
was not there in 22.06.0 and the ansible collection was working.