Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to use pfsense_authserver module #146

Open
Inocious opened this issue Nov 18, 2024 · 0 comments
Open

Unable to use pfsense_authserver module #146

Inocious opened this issue Nov 18, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@Inocious
Copy link

Inocious commented Nov 18, 2024

Describe the bug
SEE EDIT AT THE BOTTOM
When I want to use the module pfsense_authserver module, it fails with error
TypeError: PFSenseModuleBase.__init__() got an unexpected keyword argument 'root'.
I have my /etc/ansible/ansible.cfg conf file:

[defaults]
inventory      = /root/dev-ansible/inventory.yaml

I then have my inventory /root/dev-ansible/inventory.yaml

all:
  vars:
    ansible_ssh_common_args: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
  hosts:
    <REDACTED_TARGET_IP>:

fw_pfsense:
  hosts:
    <REDACTED_TARGET_IP>:

pve:
  hosts:
    <REDACTED_PROXMOX_HV_IP>

I then created an ssh key pair, protected by password that I added to my Pfsenser target system:

ssh-copy-id root@<REDACTED_TARGET_IP>

i can sucessfully connect to my target pfSense without any password prompt for my ansible controller:

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519

Playbook

  hosts: fw_pfsense
  vars_files:
    - vaults/vault.yml
    - vars/conf_pfsense.yml
  roles:
    - conf_pfsense
  gather_facts: False

2 conf var files:
vars/conf_pfsense.yml

ansible_python_interpreter: /usr/local/bin/python3.11

vars/vault.yml

ansible_user: root

My role as a main task:

# This subtask is used only as test for successfull changes on target. It works.
- name: Configure General Setup
  ansible.builtin.include_tasks: general_setup.yml
# This one is the one that seems to have a bug
- name: Configure LDAP auth server
  ansible.builtin.include_tasks: configure_LDAP_authserver.yml

My subtask has the exact same example as on pfsense_authserver documentation:

  pfsensible.core.pfsense_authserver:
    name: myitem
    type: ldap
    ldap_port: 389
    ldap_urltype: STARTTLS Encrypted
    ldap_caref: global
    ldap_protver: 3
    ldap_timeout: 25
    ldap_scope: subtree
    ldap_basedn: cn=base
    ldap_extended_enabled: true
    ldap_extended_query: memberOf=CN=Groupname,OU=MyGroups,DC=example,DC=com
    ldap_binddn: admin
    ldap_bindpw: changeme
    ldap_attr_user: samAccountName
    ldap_attr_group: cn
    ldap_attr_member: memberOf
    ldap_rfc2307: true
    ldap_rfc2307_userdn: true
    ldap_attr_groupobj: posixGroup
    ldap_pam_groupdn: CN=Remoteshellusers,CN=Users,DC=example,DC=com
    ldap_utf8: true
    ldap_nostrip_at: true
    ldap_allow_unauthenticated: true
    host: ldap.example.com
    ldap_authcn: CN=Users;DC=example,DC=com
    state: present

- name: Remove myitem authserver
  pfsensible.core.pfsense_authserver:
    name: myitem
    state: absent

Output
It fails with error TypeError: PFSenseModuleBase.__init__() got an unexpected keyword argument 'root':

ansible-playbook [core 2.14.16]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-playbook
  python version = 3.11.2 (main, Sep 14 2024, 03:00:30) [GCC 12.2.0] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
host_list declined parsing /root/dev-ansible/inventory.yaml as it did not pass its verify_file() method
script declined parsing /root/dev-ansible/inventory.yaml as it did not pass its verify_file() method
Parsed /root/dev-ansible/inventory.yaml inventory source with yaml plugin
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python3/dist-packages/ansible/plugins/callback/default.py
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: pfsense_configuration.yml ********************************************
Positional arguments: /root/dev-ansible/pfsense_configuration.yml
verbosity: 4
connection: smart
timeout: 10
become_method: sudo
tags: ('all',)
inventory: ('/root/dev-ansible/inventory.yaml',)
forks: 5
1 plays in /root/dev-ansible/pfsense_configuration.yml
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'

PLAY [Configure pfSense] *******************************************************
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'

TASK [conf_pfsense : Configure General Setup] **********************************
task path: /root/dev-ansible/roles/conf_pfsense/tasks/main.yml:10
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Loading collection pfsensible.core from /root/.ansible/collections/ansible_collections/pfsensible/core
included: /root/dev-ansible/roles/conf_pfsense/tasks/general_setup.yml for <REDACTED_TARGET_IP>
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'

TASK [conf_pfsense : Configure General Setup] **********************************
task path: /root/dev-ansible/roles/conf_pfsense/tasks/general_setup.yml:1
<<REDACTED_TARGET_IP>> ESTABLISH SSH CONNECTION FOR USER: root
....
ok: [<REDACTED_TARGET_IP>] => {
<REDACTED_JSON_ANSWER>
}
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'

TASK [conf_pfsense : Configure LDAP auth server] *******************************
task path: /root/dev-ansible/roles/conf_pfsense/tasks/main.yml:19
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
included: /root/dev-ansible/roles/conf_pfsense/tasks/configure_LDAP_authserver.yml for <REDACTED_TARGET_IP>
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'
Read vars_file 'vaults/vault.yml'
Read vars_file 'vars/conf_pfsense.yml'

TASK [conf_pfsense : Add myitem authserver] ************************************
task path: /root/dev-ansible/roles/conf_pfsense/tasks/configure_LDAP_authserver.yml:1
<<REDACTED_TARGET_IP>> ESTABLISH SSH CONNECTION FOR USER: root
<<REDACTED_TARGET_IP>> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o 'ControlPath="/root/.ansible/cp/f5b553d87a"' <REDACTED_TARGET_IP> '/bin/sh -c '"'"'echo ~root && sleep 0'"'"''
<<REDACTED_TARGET_IP>> (0, b'/root\n', b'OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.15 3 Sep 2024\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2: resolve_canonicalize: hostname <REDACTED_TARGET_IP> is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 6686\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<<REDACTED_TARGET_IP>> ESTABLISH SSH CONNECTION FOR USER: root
<<REDACTED_TARGET_IP>> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o 'ControlPath="/root/.ansible/cp/f5b553d87a"' <REDACTED_TARGET_IP> '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461 `" && echo ansible-tmp-1731946347.92869-6695-211930175515461="` echo /root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461 `" ) && sleep 0'"'"''
<<REDACTED_TARGET_IP>> (0, b'ansible-tmp-1731946347.92869-6695-211930175515461=/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461\n', b'OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.15 3 Sep 2024\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2: resolve_canonicalize: hostname <REDACTED_TARGET_IP> is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 6686\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
Loading collection community.general from /root/.ansible/collections/ansible_collections/community/general
Using module file /root/.ansible/collections/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py
<<REDACTED_TARGET_IP>> PUT /root/.ansible/tmp/ansible-local-6675tgrdya_y/tmp6gt8cyx_ TO /root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py
<<REDACTED_TARGET_IP>> SSH: EXEC sftp -b - -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o 'ControlPath="/root/.ansible/cp/f5b553d87a"' '[<REDACTED_TARGET_IP>]'
<<REDACTED_TARGET_IP>> (0, b'sftp> put /root/.ansible/tmp/ansible-local-6675tgrdya_y/tmp6gt8cyx_ /root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py\n', b'OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.15 3 Sep 2024\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2: resolve_canonicalize: hostname <REDACTED_TARGET_IP> is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 6686\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug2: Remote version: 3\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug2: Server supports extension "[email protected]" revision 2\r\ndebug2: Server supports extension "[email protected]" revision 2\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug2: Server supports extension "copy-data" revision 1\r\ndebug2: Unrecognised server extension "home-directory"\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug3: Sent message [email protected] I:1\r\ndebug3: Received limits reply T:201 I:1\r\ndebug3: server upload/download buffer sizes 261120 / 261120; using 261120 / 261120\r\ndebug3: server handle limit 116158; using 64\r\ndebug2: Sending SSH2_FXP_REALPATH "."\r\ndebug3: Sent message fd 3 T:16 I:2\r\ndebug3: SSH2_FXP_REALPATH . -> /root\r\ndebug3: Looking up /root/.ansible/tmp/ansible-local-6675tgrdya_y/tmp6gt8cyx_\r\ndebug2: Sending SSH2_FXP_STAT "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py"\r\ndebug3: Sent message fd 3 T:17 I:3\r\ndebug1: stat remote: No such file or directory\r\ndebug2: do_upload: upload local "/root/.ansible/tmp/ansible-local-6675tgrdya_y/tmp6gt8cyx_" to remote "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py"\r\ndebug2: Sending SSH2_FXP_OPEN "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py"\r\ndebug3: Sent dest message SSH2_FXP_OPEN I:4 P:/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py M:0x001a\r\ndebug3: Sent message SSH2_FXP_WRITE I:6 O:0 S:153911\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: In write loop, ack for 6 153911 bytes at 0\r\ndebug3: Sent message SSH2_FXP_CLOSE I:5\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<<REDACTED_TARGET_IP>> ESTABLISH SSH CONNECTION FOR USER: root
<<REDACTED_TARGET_IP>> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o 'ControlPath="/root/.ansible/cp/f5b553d87a"' <REDACTED_TARGET_IP> '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/ /root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py && sleep 0'"'"''
<<REDACTED_TARGET_IP>> (0, b'', b'OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.15 3 Sep 2024\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2: resolve_canonicalize: hostname <REDACTED_TARGET_IP> is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 6686\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<<REDACTED_TARGET_IP>> ESTABLISH SSH CONNECTION FOR USER: root
<<REDACTED_TARGET_IP>> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o 'ControlPath="/root/.ansible/cp/f5b553d87a"' -tt <REDACTED_TARGET_IP> '/bin/sh -c '"'"'/usr/local/bin/python3.11 /root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py && sleep 0'"'"''
<<REDACTED_TARGET_IP>> (1, b'Traceback (most recent call last):\r\n  File "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py", line 107, in <module>\r\n    _ansiballz_main()\r\n  File "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py", line 99, in _ansiballz_main\r\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n  File "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py", line 47, in invoke_module\r\n    runpy.run_module(mod_name=\'ansible_collections.pfsensible.core.plugins.modules.pfsense_authserver\', init_globals=dict(_module_fqn=\'ansible_collections.pfsensible.core.plugins.modules.pfsense_authserver\', _modlib_path=modlib_path),\r\n  File "<frozen runpy>", line 226, in run_module\r\n  File "<frozen runpy>", line 98, in _run_module_code\r\n  File "<frozen runpy>", line 88, in _run_code\r\n  File "/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py", line 511, in <module>\r\n  File "/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py", line 505, in main\r\n  File "/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py", line 265, in __init__\r\nTypeError: PFSenseModuleBase.__init__() got an unexpected keyword argument \'root\'\r\n', b'OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.15 3 Sep 2024\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2: resolve_canonicalize: hostname <REDACTED_TARGET_IP> is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 6686\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 1\r\nShared connection to <REDACTED_TARGET_IP> closed.\r\n')
<<REDACTED_TARGET_IP>> Failed to connect to the host via ssh: OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.15 3 Sep 2024
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname <REDACTED_TARGET_IP> is address
debug1: auto-mux: Trying existing master
debug2: fd 3 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 6686
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 2
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Received exit status from master 1
Shared connection to <REDACTED_TARGET_IP> closed.
<<REDACTED_TARGET_IP>> ESTABLISH SSH CONNECTION FOR USER: root
<<REDACTED_TARGET_IP>> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o 'ControlPath="/root/.ansible/cp/f5b553d87a"' <REDACTED_TARGET_IP> '/bin/sh -c '"'"'rm -f -r /root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/ > /dev/null 2>&1 && sleep 0'"'"''
<<REDACTED_TARGET_IP>> (0, b'', b'OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.15 3 Sep 2024\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2: resolve_canonicalize: hostname <REDACTED_TARGET_IP> is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 6686\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
The full traceback is:
Traceback (most recent call last):
  File "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py", line 107, in <module>
    _ansiballz_main()
  File "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py", line 99, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py", line 47, in invoke_module
    runpy.run_module(mod_name='ansible_collections.pfsensible.core.plugins.modules.pfsense_authserver', init_globals=dict(_module_fqn='ansible_collections.pfsensible.core.plugins.modules.pfsense_authserver', _modlib_path=modlib_path),
  File "<frozen runpy>", line 226, in run_module
  File "<frozen runpy>", line 98, in _run_module_code
  File "<frozen runpy>", line 88, in _run_code
  File "/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py", line 511, in <module>
  File "/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py", line 505, in main
  File "/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py", line 265, in __init__
TypeError: PFSenseModuleBase.__init__() got an unexpected keyword argument 'root'
fatal: [<REDACTED_TARGET_IP>]: FAILED! => {
    "changed": false,
    "module_stderr": "OpenSSH_9.2p1 Debian-2+deb12u3, OpenSSL 3.0.15 3 Sep 2024\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2: resolve_canonicalize: hostname <REDACTED_TARGET_IP> is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 6686\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 1\r\nShared connection to <REDACTED_TARGET_IP> closed.\r\n",
    "module_stdout": "Traceback (most recent call last):\r\n  File \"/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py\", line 107, in <module>\r\n    _ansiballz_main()\r\n  File \"/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py\", line 99, in _ansiballz_main\r\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n  File \"/root/.ansible/tmp/ansible-tmp-1731946347.92869-6695-211930175515461/AnsiballZ_pfsense_authserver.py\", line 47, in invoke_module\r\n    runpy.run_module(mod_name='ansible_collections.pfsensible.core.plugins.modules.pfsense_authserver', init_globals=dict(_module_fqn='ansible_collections.pfsensible.core.plugins.modules.pfsense_authserver', _modlib_path=modlib_path),\r\n  File \"<frozen runpy>\", line 226, in run_module\r\n  File \"<frozen runpy>\", line 98, in _run_module_code\r\n  File \"<frozen runpy>\", line 88, in _run_code\r\n  File \"/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py\", line 511, in <module>\r\n  File \"/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py\", line 505, in main\r\n  File \"/tmp/ansible_pfsensible.core.pfsense_authserver_payload_164787g0/ansible_pfsensible.core.pfsense_authserver_payload.zip/ansible_collections/pfsensible/core/plugins/modules/pfsense_authserver.py\", line 265, in __init__\r\nTypeError: PFSenseModuleBase.__init__() got an unexpected keyword argument 'root'\r\n",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 1
}

PLAY RECAP *********************************************************************
<REDACTED_TARGET_IP>             : ok=3    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0 

Environment

  • What version of pfsensible.core?
ansible [core 2.14.16]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.2 (main, Sep 14 2024, 03:00:30) [GCC 12.2.0] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
ansible-galaxy collection list | grep pfsensible.core
pfsensible.core                          0.6.1
  • What version of ansible?
ansible/stable,now 7.7.0+dfsg-3+deb12u1 all [installed]
  • What version of pfSense?
CE 2.7.2

EDIT
I'm confused.
I just noticed that repo on github at core/plugins/modules/ doesn't contain pfsense_authserver.py, only pfsense_authserver_ldap.py...
But the documentation at Ansible Galaxy website does contain it. I installed it with ansible-galaxy collection install pfsensible.core

Does it mean that the more general purpose module pfsense_authserver.py got deleted and that we have to use pfsense_authserver_ldap.py ? If yes, why on version 0.6.1, it seems that it's available and the ansible galaxy website shows usage on how to use it ?

@Inocious Inocious added the bug Something isn't working label Nov 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant