See https://stackoverflow.com/a/29799758/226174
On Mon, Nov 18, 2019, 19:20 Valentin Leon <valentin.leonbon...@gmail.com>
wrote:
> Apologies for the double posting, I kept seeing Google Groups errors..
> some days nothing works.
>
> An error (#847) occurred while communicating with the server.
> RELOAD
>
> On Monday, November 18, 2019 at 10:18:55 AM UTC-8, Valentin Leon wrote:
>>
>> Hello,
>>
>> I am trying to provision a host using ansible (remote). The host is a
>> clean ubuntu 18.04 install, but I am blocked running a simple ansible
>> cookbook that requires root privileges.
>>
>> I can run simple shell commands such as:
>> echo '{{user `ssh_password`}}' | sudo -S shutdown -P now
>>
>> But I need a way to feed the sudo password into ansible, otherwise it
>> fails:
>> ubuntu-18.04: fatal: [default]: FAILED! => {"cache_update_time":
>> 1574096255, "cache_updated": false, "changed": false, "msg":
>> "'/usr/bin/apt-get
>> -y -o \"Dpkg::Options::=--force-confdef\" -o
>> \"Dpkg::Options::=--force-confold\" install 'mariadb-server''
>> failed: E: Could not open lock file /var/lib/dpkg/lock-frontend - open
>> (13: Permission denied)\nE: Unable to acquire the dpkg frontend lock
>> (/var/lib/dpkg/lock-frontend), are you root?\n", "rc": 100, "stderr": "E:
>> Could not open lock file /var/lib/dpkg/lock-frontend - open (13:
>> Permission denied)\nE: Unable to acquire the dpkg frontend lock
>> (/var/lib/dpkg/lock-frontend), are you root?\n", "stderr_lines": ["E:
>> Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission
>> denied)", "E: Unable to acquire the dpkg frontend lock
>> (/var/lib/dpkg/lock-frontend), are you root?"], "stdout": "",
>> "stdout_lines": []}
>>
>> I have tried to tell ansible to use become:
>> ubuntu-18.04: fatal: [default]: FAILED! => {"msg": "Missing sudo
>> password"}
>>
>> I have tried to pass the password as input:
>> "provisioners": [
>>
>> "type": "ansible",
>>
>> "command": "bash -c \"echo '{{user `ssh_password`}}' |
>> ansible-playbook $@\"",
>> "extra_arguments":
>> [
>> "--ask-become-pass"
>> ],
>>
>> however, this fails as it seems we cannot pass a commands with arguments:
>>
>> * Error running "bash -c "echo '<sensitive>' | ansible-playbook $@"
>> --version": exec: "bash -c \"echo '<sensitive>' | ansible-playbook $@\"":
>> executable file not found in $PATH
>>
>> I have tried to use the user root directly:
>> "provisioners": [
>> "type": "ansible",
>>
>> "user": "root",
>>
>> however this fails because I imagine ubuntu does not allow root to SSH
>> directly:
>>
>> ubuntu-18.04: fatal: [default]: UNREACHABLE! => {"changed": false,
>> "msg": "Authentication or permission failure. In some cases, you may
>> have been able to authenticate and did not have permissions on the target
>> directory. Consider changing the remote tmp path in ansible.cfg to a path
>> rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo
>> /root/.ansible/tmp/ansible-tmp-1574094286.5371425-44623893214428 `\" &&
>> echo ansible-tmp-1574094286.5371425-44623893214428=\"` echo
>> /root/.ansible/tmp/ansible-tmp-1574094286.5371425-44623893214428 `\" ),
>> exited with result 1", "unreachable": true}
>>
>> I would like to find a solution that does not requires lowering the
>> security of my host, such as allowing root SSH, or passwordless sudo. This
>> seem like a pretty basic scenario, and I am surprised that I could not fine
>> anyone explaining how to solve this issue. The only reference I found is
>> this post:
>> https://github.com/hashicorp/packer/issues/4263#issuecomment-280103496
>> but it got shutdown and the poster did not created a ticket.
>>
>> Any ideas or help would be very welcome.
>>
>> Thanks
>>
>> Val
>>
> --
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in
> violation of those guidelines may result in your removal from this mailing
> list.
>
> GitHub Issues: https://github.com/mitchellh/packer/issues
> IRC: #packer-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups
> "Packer" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to packer-tool+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/packer-tool/827f4b20-b10e-4090-83de-5dac7e641ca8%40googlegroups.com
> <https://groups.google.com/d/msgid/packer-tool/827f4b20-b10e-4090-83de-5dac7e641ca8%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to packer-tool+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/CALz9Rt9VYfriWNarF44xYfCnmyn6T6V-mFkEv001XLp2JxkLOA%40mail.gmail.com.
