Comments (4)
@jpmckinney do you run salt-ssh
as root? The workaround does not work for me, I am in zsh
not bash
and changing to bash
does not make a difference. The problem I am having is that su
only runs without silently asking for a password if run as root.
I pointed down the source of the problem to the change of salt/utils/rsax931.py
_find_libcrypto()
which in 3006.8 used a different way to determine the location of the libraries location while in 3007 it uses salt.modules.mac_brew.homebrew_prefix()
which ultimately does the su
which does not work unless you run salt-ssh
as root.
The change that I believe introduced the problem is 21d80bf.
from salt.
I've been able to run it as either root or non-root with my workaround.
As non-root I get messages like below, but then it actually still runs the command successfully:
[ERROR ] Command 'su' failed with return code: 1
[ERROR ] stdout: su: Sorry
[ERROR ] retcode: 1
[ERROR ] Command 'brew' failed with return code: 1
from salt.
I wonder why this looks better on your setup. On my machine, salt-ssh
does output the same error but ends in an uncaught exception and not produce any proper output if run as non-root (note I had to press return once after executing the command for the waiting su
to continue):
$ salt-ssh --version
Traceback (most recent call last):
File "/private/tmp/.venv/bin/salt-ssh", line 8, in <module>
sys.exit(salt_ssh())
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/scripts.py", line 463, in salt_ssh
import salt.cli.ssh
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/cli/ssh.py", line 3, in <module>
import salt.client.ssh
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/client/__init__.py", line 30, in <module>
import salt.cache
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/cache/__init__.py", line 12, in <module>
import salt.loader
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/loader/__init__.py", line 33, in <module>
from .lazy import SALT_BASE_PATH, FilterDictWrapper, LazyLoader
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/loader/lazy.py", line 29, in <module>
import salt.utils.event
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/event.py", line 67, in <module>
import salt.channel.client
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/channel/client.py", line 14, in <module>
import salt.crypt
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/crypt.py", line 34, in <module>
import salt.utils.rsax931
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/rsax931.py", line 174, in <module>
libcrypto = _init_libcrypto()
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/rsax931.py", line 127, in _init_libcrypto
libcrypto = _load_libcrypto()
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/rsax931.py", line 120, in _load_libcrypto
return cdll.LoadLibrary(_find_libcrypto())
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/rsax931.py", line 112, in _find_libcrypto
raise OSError("Cannot locate OpenSSL libcrypto")
OSError: Cannot locate OpenSSL libcrypto
[ERROR ] Command 'su' failed with return code: 1
[ERROR ] stdout: Password:su: Sorry
[ERROR ] retcode: 1
[ERROR ] Command 'brew' failed with return code: 1
[ERROR ] An un-handled exception was caught by Salt's global exception handler:
OSError: Cannot locate OpenSSL libcrypto
Traceback (most recent call last):
File "/private/tmp/.venv/bin/salt-ssh", line 8, in <module>
sys.exit(salt_ssh())
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/scripts.py", line 463, in salt_ssh
import salt.cli.ssh
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/cli/ssh.py", line 3, in <module>
import salt.client.ssh
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/client/__init__.py", line 30, in <module>
import salt.cache
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/cache/__init__.py", line 12, in <module>
import salt.loader
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/loader/__init__.py", line 33, in <module>
from .lazy import SALT_BASE_PATH, FilterDictWrapper, LazyLoader
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/loader/lazy.py", line 29, in <module>
import salt.utils.event
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/event.py", line 67, in <module>
import salt.channel.client
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/channel/client.py", line 14, in <module>
import salt.crypt
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/crypt.py", line 34, in <module>
import salt.utils.rsax931
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/rsax931.py", line 174, in <module>
libcrypto = _init_libcrypto()
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/rsax931.py", line 127, in _init_libcrypto
libcrypto = _load_libcrypto()
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/rsax931.py", line 120, in _load_libcrypto
return cdll.LoadLibrary(_find_libcrypto())
File "/private/tmp/.venv/lib/python3.9/site-packages/salt/utils/rsax931.py", line 112, in _find_libcrypto
raise OSError("Cannot locate OpenSSL libcrypto")
OSError: Cannot locate OpenSSL libcrypto
Now as root:
$ sudo salt-ssh --version
salt-ssh 3007.0 (Chlorine)
from salt.
One difference is that I installed as onedir described here https://docs.saltproject.io/salt/install-guide/en/latest/topics/install-by-operating-system/macos.html#install-salt-on-macos
You seem to have it installed in a virtualenv, so the actual Salt code/setup might differ.
from salt.
Related Issues (20)
- [BUG] Using IPv6 in 3007.0 causes TCP PublishServer to crash HOT 1
- [BUG] Channels are closed while listened to in 3007.0 HOT 1
- [BUG] salt-ssh breaks on FreeBSD if IFCONFIG_FORMAT is set to return CIDR HOT 1
- [BUG] MySQL Version caching ignores connection_args breaking states the use multiple MySQL servers
- [DOCS] Link to Slack community only works if you have a saltstack.com email address HOT 2
- [BUG] [3007] Salt-master doesn't start when ssl is enabled HOT 2
- [BUG] FIPS mode uses non FIPS algorithms.
- [DOCS] state_top_saltenv documention is inaccurate in regard to when it applies
- [BUG] file_roots to relative path seems broken HOT 1
- [BUG] states from gitfs fail with AttributeError: '_pygit2.Blob' object has no attribute 'oid' with pygit2 1.15.0 HOT 3
- [BUG] [3007] Problem running salt function in Jinja template: Cannot run the event loop while another loop is running HOT 2
- [BUG] [3007.1] startup_states: highstate stop working HOT 2
- [BUG] [Regression] yaml output broken in 3006.8 HOT 3
- [BUG] Error trying to install packages with zypper in AutoYaST process HOT 2
- [BUG] Unless or Onlyif requisite isn't working anymore in 3007.1 with cmd.run and shell powershell. HOT 4
- [BUG] 3007.1 fail to write to vault when using self-signed certificates (verify config not honored) HOT 2
- [BUG] Salt-SSH: Accessing modules in Jinja templates via attributes disables wrappers HOT 2
- [BUG] DeprecationWarning: ssl.PROTOCOL_TLS is deprecated HOT 1
- [BUG] Regression in Salt 3007: Minion fails to start on Windows when using IPv6 HOT 2
- [BUG] salt v3007.1 onedir rpm package dependencies break the system HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from salt.