Ansible.posix.mount opts with password not working

When using the mount module with the below code I’m facing an issue when the password has a double quote in it. I’m not sure if its the module or ansible that is auto escaping it with a single slash.

- name: "Mount {{ common_cifs_root }}"
  ansible.posix.mount:
    src: "{{ common_cifs_root }}"
    path: "{{ common_mount_folder }}"
    opts: "noserverino,dom={{ common_ad_domain }},username={{ common_ad_username }},password={{ common_ad_password }}"
    state: ephemeral
    fstype: "{{ common_fs_type }}"

The first line is the password, the 2nd is what ansible is sending. The mount command doesn’t like that, if I run the command manually with the password as is it works.

~*ACE=!t#,26F3"16a - Password

~*ACE=!t#,26F3\"16a - Password set by ansible || moudle

Can you show us the error output? I actually would expect the double-quotes to be escaped depending on the context.

This is with -vvvv set.

fatal: [node1]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "backup": false,
            "boot": true,
            "dump": "0",
            "fstab": null,
            "fstype": "cifs",
            "opts": "noserverino,dom=aasp,username=myuser,password=~*ACE=!t#,26F3\"16a",
            "passno": "0",
            "path": "/tmp/cert_test",
            "src": "//nas/tutility/users/myuser/was_certs",
            "state": "ephemeral"
        }
    },
    "msg": "Error mounting /tmp/cert_test: mount error(13): Permission denied\nRefer to the mount.cifs(8) manual page (e.g. man mount.cifs)\n"

Okay, so the escaped quotes there is because it has to be for the json returned to valid. It shouldn’t be escaped by the module when executed.

Are you running this with elevated permissions? Either as root or with become: true?

With become set yes. Not as root.

Well, you could try creating a credentials file first and passing credentials=<filename> on the mount task instead, or you could try setting PASSWD as an environment variable. It might be that the ! is the problem and only ~*ACE= is being treated as the password; while we’re just not seeing the !t#,26F3"16a: event not found error for some reason.

I.e.

- name: "Mount {{ common_cifs_root }}"
  ansible.posix.mount:
    src: "{{ common_cifs_root }}"
    path: "{{ common_mount_folder }}"
    opts: "noserverino,dom={{ common_ad_domain }},username={{ common_ad_username }}"
    state: ephemeral
    fstype: "{{ common_fs_type }}"
  environment:
    PASSWD: "{{ common_ad_password }}"

I’m also wondering if you need sec=ntlmv2 or vers=3, but I think you would get a different error if that were the case.

1 Like

I tried the sec/vers with no luck but the code block as is worked. Thanks for the suggestion.

You’re welcome, glad that worked.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.