opoplawski / ansible-pfsense

Ansible modules for managing pfSense firewalls


Unable to make it work. What am I doing wrong?

majales opened this issue · comments

Hi. Sorry, but I'm unable to make it work as described on my test pfSense 2.4.4.
Maybe I'm missing something. I've tried to create a user with a simple pfsense_user playbook:

- hosts: "{{ hostitem }}"
  gather_facts: False
  become: yes
  # connection: paramiko

  tasks:
    - name: Add operator user
      pfsense_user:
        name: operator
        descr: Operator
        scope: user
        groupname: Operators
        priv: ['page-all', 'user-shell-access']

But even with the paramiko connection, the error is always like this:

...
 Bad -c option
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Received exit status from master 2
fatal: [pfsense_test]: UNREACHABLE! => {
    "changed": false, 
    "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo ~/.ansible/tmp/ansible-tmp-1576870605.3-68562282288037 `\" && echo ansible-tmp-1576870605.3-68562282288037=\"` echo ~/.ansible/tmp/ansible-tmp-1576870605.3-68562282288037 `\" ), exited with result 2, stderr output: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 22716\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\nBad -c option\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 2\r\n", 
    "unreachable": true
}
	to retry, use: --limit @/etc/ansible/roles/ansible-pfsense-github/test-user-add.retry

PLAY RECAP *****************************************************************************************************************************************************************************************************
pfsense_test               : ok=0    changed=0    unreachable=1    failed=0   

My ansible version:

root@COMP-01:/etc/ansible/roles/ansible-pfsense-github# ansible --version
ansible 2.7.15
  config file = /etc/ansible/roles/ansible-pfsense-github/ansible.cfg
  configured module search path = [u'/etc/ansible/roles/library']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.15+ (default, Oct  7 2019, 17:39:04) [GCC 7.4.0]

Even the ansible ping command is not working:

root@COMP-01:/etc/ansible/roles/ansible-pfsense-github# ansible -m ping -i hosts pfsense_test -c paramiko --ask-pass -b -vvvvv 
ansible 2.7.15
  config file = /etc/ansible/roles/ansible-pfsense-github/ansible.cfg
  configured module search path = [u'/etc/ansible/roles/library']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.15+ (default, Oct  7 2019, 17:39:04) [GCC 7.4.0]
Using /etc/ansible/roles/ansible-pfsense-github/ansible.cfg as config file
SSH password: 
setting up inventory plugins
/etc/ansible/roles/ansible-pfsense-github/hosts did not meet host_list requirements, check plugin documentation if this is unexpected
/etc/ansible/roles/ansible-pfsense-github/hosts did not meet script requirements, check plugin documentation if this is unexpected
Parsed /etc/ansible/roles/ansible-pfsense-github/hosts inventory source with ini plugin
Loading callback plugin minimal of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/minimal.pyc
META: ran handlers
<172.254.29.254> ESTABLISH PARAMIKO SSH CONNECTION FOR USER: admin on PORT 22 TO 172.254.29.254
<172.254.29.254> EXEC /bin/sh -c 'echo ~admin && sleep 0'
<172.254.29.254> EXEC /bin/sh -c 'echo "`pwd`" && sleep 0'
<172.254.29.254> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo ~/.ansible/tmp/ansible-tmp-1577442259.16-60629702648004 `" && echo ansible-tmp-1577442259.16-60629702648004="` echo ~/.ansible/tmp/ansible-tmp-1577442259.16-60629702648004 `" ) && sleep 0'
pfsense_test | UNREACHABLE! => {
    "changed": false, 
    "msg": "Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo ~/.ansible/tmp/ansible-tmp-1577442259.16-60629702648004 `\" && echo ansible-tmp-1577442259.16-60629702648004=\"` echo ~/.ansible/tmp/ansible-tmp-1577442259.16-60629702648004 `\" ), exited with result 2, stderr output: Bad -c option\n", 
    "unreachable": true
}

I was wrong. I was using the "admin" account instead of "root". When I switched to the pfSense "root" user, it started to work.
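
An added example (not part of the original issue or of the ansible-pfsense project): a small Python triage of Ansible's UNREACHABLE result that separates a real connection or authentication failure from the case in this issue, where a remote command ran, exited with status 2 and printed `Bad -c option`. The sample results are constructed (abridged from the output above); the `triage` function, its cause labels, and the reading of `Bad -c option` as a login-shell rejection are assumptions of this example.

```python
import json
import re

EXIT_RE = re.compile(r"exited with result (\d+)")
STDERR_RE = re.compile(r"stderr output: (.*)", re.S)
CLIENT_NOISE = re.compile(r"^(debug\d:|OpenSSH_)")  # local ssh -vvv chatter

# Constructed samples, abridged from the UNREACHABLE output in the issue.
SAMPLE_SHELL = r'''{"changed": false, "unreachable": true,
 "msg": "Authentication or permission failure. Failed command was: ( umask 77 && mkdir -p ... ), exited with result 2, stderr output: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3\r\ndebug1: auto-mux: Trying existing master\r\nBad -c option\ndebug2: Received exit status from master 2\r\n"}'''
SAMPLE_AUTH = r'''{"changed": false, "unreachable": true,
 "msg": "Failed to connect to the host via ssh: Permission denied (publickey,password)."}'''


def triage(result_json):
    """Classify an Ansible UNREACHABLE result by what actually failed."""
    result = json.loads(result_json)
    msg = result.get("msg", "")
    exit_match = EXIT_RE.search(msg)
    stderr_match = STDERR_RE.search(msg)
    stderr = stderr_match.group(1) if stderr_match else ""
    # Keep only lines written by the remote side, not the local ssh client.
    remote = [line.strip() for line in stderr.splitlines()
              if line.strip() and not CLIENT_NOISE.match(line.strip())]
    finding = {
        "exit_code": int(exit_match.group(1)) if exit_match else None,
        "remote_stderr": remote,
    }
    if any("Bad -c option" in line for line in remote):
        # A command ran and returned an exit status, so the login succeeded;
        # assumption: the account's shell refused the -c '<command>' form.
        finding["cause"] = "login-shell"
        finding["hint"] = ("check the login shell of the connecting account; "
                           "the issue was resolved by using root, not admin")
    elif exit_match:
        finding["cause"] = "remote-command"
        finding["hint"] = "login worked; inspect remote_stderr and the tmp path"
    else:
        finding["cause"] = "connection-or-auth"
        finding["hint"] = "no remote command ran; check credentials and reachability"
    return finding


if __name__ == "__main__":
    for sample in (SAMPLE_SHELL, SAMPLE_AUTH):
        print(json.dumps(triage(sample), indent=2))
```
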