I already explained that you can't really do it this way. You get: digitalocean: Could not open a connection to your authentication agent.
Since the deploy user is not allowed to connect to the ssh agent socket owned by the root user. To quote my self: "when you switch to the deploy user (become_user: deploy) that user can't access the Unix socket forwarding the ssh-agent, only root can do that since root is the owner of it. There is no way around that that and my recommendation is that you instead let root clone the repo and then move/chown it to deploy." On Fri, Jan 4, 2019, 18:06 Vincent Rubiolo <[email protected] wrote: > Hi Tekchand, > > Thank you for your response and suggestion. >> > > You're welcome, but you did not try what I had suggested (putting 'pwd' in > your git clone command and reporting the output). Can you do that? > > >> Yes...after adding -p 987 in my SSH command getting connection time out >> error. I need to fix it first and you are right in my build json file the >> connection part is coming first and then clone part. So now its not >> reaching on clone because it fail at SSH connection. > > > I will let you check that with Rickard. > > Vincent > > > On Wed, Jan 2, 2019 at 10:50 PM Tekchand Dagar <[email protected]> > wrote: > >> Hello Vincent, >> >> Thank you for your response and suggestion. >> >> Yes...after adding -p 987 in my SSH command getting connection time out >> error. I need to fix it first and you are right in my build json file the >> connection part is coming first and then clone part. So now its not >> reaching on clone because it fail at SSH connection. >> >> Thanks a lot for your time and support. >> >> On Thursday, January 3, 2019 at 11:36:48 AM UTC+5:30, Vincent Rubiolo >> wrote: >>> >>> Hi again Tekchand, >>> >>> On Wed, Jan 2, 2019 at 9:52 PM Tekchand Dagar <[email protected]> >>> wrote: >>> >>>> Hello Vincent, >>>> >>>> Thank you for your prompt response. >>>> >>>> Please refer the attach file of ansible-playbook which us used for >>>> clone from git. I am switching the user from root to deploy so when it >>>> switch the user deploy then it will go into deploy user home directory. >>>> >>> >>> There is no guarantee about the directory switch being made when >>> changing users, this will depend on the internal implementation of the >>> 'become' command within Ansible. As you can see at >>> https://docs.ansible.com/ansible/latest/user_guide/become.html?highlight=become, >>> 'become' has 'become_method' which can provide different means to do so >>> (su, sudo, etc). >>> >>> For instance, with the 'su' command, it will depend on whether this is a >>> login shell ('su' does not switch directories, 'su -' or 'su -l' does >>> switch directories). >>> >>> >>>> And user deploy have full right to create a file in his/her home >>>> directory. I am correct? >>>> >>> >>> You are right _if_ the directory is the 'deploy' user home dir. >>> >>> I suggest adding a simple call to 'pwd' in your shell 'git clone' >>> command to check you are where you expect to be (another way would be to do >>> a 'touch test_file ./' before running the 'git clone' command). Then past >>> the output here. >>> >>> Note that I do not doubt you also have a connection issue (cf your >>> unability to connect via ssh), I just think there might be 2 issues, with >>> the 'permission denied' one masking the other (you have seen that your SSH >>> connection fails with a timeout for instance, not a permission problem). >>> >>> HTH, >>> >>> Vincent >>> >> -- >> This mailing list is governed under the HashiCorp Community Guidelines - >> https://www.hashicorp.com/community-guidelines.html. Behavior in >> violation of those guidelines may result in your removal from this mailing >> list. >> >> GitHub Issues: https://github.com/mitchellh/packer/issues >> IRC: #packer-tool on Freenode >> --- >> You received this message because you are subscribed to the Google Groups >> "Packer" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/packer-tool/1729b8d5-9da1-4050-900a-8f473899d734%40googlegroups.com >> <https://groups.google.com/d/msgid/packer-tool/1729b8d5-9da1-4050-900a-8f473899d734%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > -- > > -------- > *Vincent Rubiolo* > Senior Platform Engineer > www.datameer.com > Slack: Vincent > > > > > > Datameer, Inc. > 577 2nd Street, Suite 200, San Francisco, CA 94107 > > -- > This mailing list is governed under the HashiCorp Community Guidelines - > https://www.hashicorp.com/community-guidelines.html. Behavior in > violation of those guidelines may result in your removal from this mailing > list. > > GitHub Issues: https://github.com/mitchellh/packer/issues > IRC: #packer-tool on Freenode > --- > You received this message because you are subscribed to the Google Groups > "Packer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/packer-tool/CADZPgZdai1dxXkfNZXscmbrh69%2B2xBBBRD-qjFqZEQaK%2BtMh3g%40mail.gmail.com > <https://groups.google.com/d/msgid/packer-tool/CADZPgZdai1dxXkfNZXscmbrh69%2B2xBBBRD-qjFqZEQaK%2BtMh3g%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt-rXjU%3DSwB57jmN94tpQC6juYz8rHu_8pAuR-RGuKLKRA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
