Salt: [salt-ssh] Errors/Exceptions are not propagated when tty=True

Created on 2 Nov 2017 · 4Comments · Source: saltstack/salt

Description of Issue/Question

salt-ssh not showing the error output when the host is setup with tty=True.

Setup

/etc/salt/roster
ubuntu12:
  host: 192.168.11.31
  sudo: True
  tty: True

Steps to Reproduce Issue

With tty=True:

# vagrant - doesn't need password to run sudo
# salt-ssh -i --user=vagrant --passwd=vagrant 'ubuntu12' test.ping
ubuntu12:
    ----------
    retcode:
        0
    stderr:
        Connection to 192.168.11.31 closed.
    stdout:
# vagrant2 - needs to enter password to use sudo
# salt-ssh -i --user=vagrant2 --passwd=vagrant 'ubuntu12' test.ping
ubuntu12:
    ----------
    retcode:
        0
    stderr:
        Connection to 192.168.11.31 closed.
    stdout:

With tty=False:

# salt-ssh -i --user=vagrant --passwd=vagrant 'ubuntu12' test.ping
ubuntu12:
    ----------
    retcode:
        0
    stderr:
        Traceback (most recent call last):
          File "/var/tmp/.vagrant_de806d_salt/salt-call", line 15, in <module>
            salt_call()
          File "/var/tmp/.vagrant_de806d_salt/py2/salt/scripts.py", line 374, in salt_call
            import salt.cli.call
          File "/var/tmp/.vagrant_de806d_salt/py2/salt/cli/call.py", line 9, in <module>
            import salt.cli.caller
          File "/var/tmp/.vagrant_de806d_salt/py2/salt/cli/caller.py", line 18, in <module>
            import salt.loader
          File "/var/tmp/.vagrant_de806d_salt/py2/salt/loader.py", line 29, in <module>
            import salt.utils.event
          File "/var/tmp/.vagrant_de806d_salt/py2/salt/utils/event.py", line 68, in <module>
            import tornado.iostream
          File "/var/tmp/.vagrant_de806d_salt/py2/tornado/iostream.py", line 40, in <module>
            from tornado.netutil import ssl_wrap_socket, ssl_match_hostname, SSLCertificateError, _client_ssl_defaults, _server_ssl_defaults
          File "/var/tmp/.vagrant_de806d_salt/py2/tornado/netutil.py", line 49, in <module>
            import backports.ssl_match_hostname
        ImportError: No module named backports.ssl_match_hostname
    stdout:
# salt-ssh -i --user=vagrant2 --passwd=vagrant 'ubuntu12' test.ping
ubuntu12:
    ----------
    retcode:
        1
    stderr:
        sudo: no tty present and no askpass program specified
        Sorry, try again.
        sudo: no tty present and no askpass program specified
        Sorry, try again.
        sudo: no tty present and no askpass program specified
        Sorry, try again.
        sudo: 3 incorrect password attempts
    stdout:
        ERROR: sudo expected a password, NOPASSWD required

Versions Report

Salt Version:
           Salt: 2016.11.8

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: 2.4.2
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.8
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: 1.0.3
   msgpack-pure: Not Installed
 msgpack-python: 0.4.6
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: Not Installed
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 2.7.12 (default, Nov 19 2016, 06:48:10)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: Not Installed
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: Not Installed

System Versions:
           dist: Ubuntu 16.04 xenial
        machine: x86_64
        release: 4.4.0-92-generic
         system: Linux
        version: Ubuntu 16.04 xenial

Bug P4 Salt-SSH severity-medium stale team-ssh

Source

rossengeorgiev

Most helpful comment

Thanks for checking that. Looks like i'm also able to replicate this. Looks like we need to improve the error reporting here. thanks

ping @saltstack/team-ssh ^^

Ch3LL on 9 Nov 2017

😄1 👍1

All 4 comments

Do you see this same behavior on a supported OS like ubuntu14?

Ch3LL on 7 Nov 2017

Yes, I can replicate this on any OS with the recent versions of salt.

```bash
[root@centos7-2 ~]$ cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
[root@centos7-2 ~]$ salt-ssh --version
salt-ssh 2017.7.2 (Nitrogen)
[root@centos7-2 ~]$ echo "

localhost-notty:
host: 127.0.0.1
tty: False
localhost-tty:
host: 127.0.0.1
tty: True
" > /etc/salt/roster
[root@centos7-2 ~]$ salt-ssh --user=vagrant --passwd=vagrant -i 'localhost-notty' doesnt.exist
localhost-notty:
----------
retcode:
0
stderr:
'doesnt.exist' is not available.
stdout:
[root@centos7-2 ~]$ salt-ssh --user=vagrant --passwd=vagrant -i 'localhost-tty' doesnt.exist
localhost-tty:
----------
retcode:
0
stderr:
Connection to 127.0.0.1 closed.
stdout:

rossengeorgiev on 7 Nov 2017

Thanks for checking that. Looks like i'm also able to replicate this. Looks like we need to improve the error reporting here. thanks

ping @saltstack/team-ssh ^^

Ch3LL on 9 Nov 2017

😄1 👍1

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.