The "fetch" command is not executed with root (via sudo) privileges?

Archives Ansible Project
1

Hi List,

I’m trying to store certain private keys to a central repository after creating those users and keys.

I wanted to copy those key’s using the “fetch” module, but I’m starting to think the module is not executed via sudo?

This is the command:

  • name: DTR | Kopieer private SSH key
    action: fetch
    src=/home/${item.user}/.ssh/id_rsa
    dest=/media/storage/keys/dtr
    with_items: $dtr_accounts

And I also tried:

  • name: DTR | Kopieer private SSH key
    action: fetch
    src=/home/${item.user}/.ssh/id_rsa
    dest=/media/storage/keys/dtr
    sudo: yes
    sudo_user: root
    with_items: $dtr_accounts

But it still fails with:

fatal: [pdtrdalton] => failed to transfer file from /home/mqtshur/.ssh/id_rsa
FATAL: all hosts have already failed – aborting

Is my thinking true? Fetch is run under your own account?

Thanks,
Mark

2

Known issue, if you need to use sudo you must use as slurp. Fetch will be modified to do this, but doesn’t,t support it yet.

3

That is somewhat disappointing. Seeing as this used to work fine, and was only recently revisiting this playbook only to find it no longer worked. (After removing all the only_if statements, which apparently also no longer work).

Ok, I will have to wait for it to happen then. Can I use our service-contract with ansibleworks to “vote” on issues or something like it? (That would be cool by the way)

Thanks!
Mark

4

I don’t know if fetch ever worked, but only if still does in my plays.

5

Hi Mark, fetch mode with sudo is a feature request we have open, but I’m also pretty sure it was never implemented. Given, my memory over the last 1.5 years of the thousands of commits is not always perfect! :slight_smile:

As for support contract issues, you should have been given information on how to use that to open requests/tickets, let me know off list if you did not and I’ll get you hooked up.

–Michael

6

Used to work fine for me, pre-1.2. Doesn't anymore.

7

Hmm, I think I remember now.

It always used to use slurp (which is wrong for large files), the fix uses “copy”, but should use slurp when permissions are denied.

For large files, slurp is bad because it pulls things into memory.

8

Hi Michael,

any news on this? Or a work around? We are running Ansible 1.3, where it still seems to not work anymore.

Thanks!
Mark

9

This is actually on my todo list for tomorrow, and will be included in the official 1.3 release. I’ll let you knitter when it’s ready for testing.

10

Hi James!

I’ll donate a beer via Paypal if you fixed it :stuck_out_tongue_winking_eye:

11

This was fixed last Thursday, sorry for not updating this thread.

12

Fantastic! What’s the paypal address I can send the beer to?