FileNotFoundError: [Errno 2] No such file or directory: '/tmp/ansible-keepass-6d5c20be.sock' about ansible-keepass HOT 20 CLOSED

The issue was fixed in v0.7.2

from ansible-keepass.

Hi, python-pykeepass of version 4.0.2. is also appropriate. No need to downgrade it.
Probably you have more then one running ansible playbook in the same time, e.g. first playbook connected to the socket and the second want to connect. Try to run playbooks sequentially (run a second playbook, after a first is done).

I'll fix this issue. Thank you

from ansible-keepass.

Yeah, tested it first with version 4.0.2, same thing.
This is just one playbook to update one package for a few servers.

from ansible-keepass.

Maybe the socket is just not being created fast enough. If I add some random hosts before the real ones begin, everything is fine.

Edit:
Hm. Nope thats not it. Doesn't always work.

from ansible-keepass.

Are you using {{ lookup('keepass', 'close') }} ?
If yes, try to remove it for solve the issue.

from ansible-keepass.

I use only "{{ lookup('keepass', 'path/to/entry', 'password') }}" for all of my hosts.

from ansible-keepass.

I have not yet found a good solution to this problem, but you can try setting keepass_ttl: 0 (see examples/group_vars/all). It will not apply settimeout for the opened socket. For close it add {{ lookup('keepass', 'close') }} to end of you playbook (see examples/example-playbook.yml)

Before try it, get updated keepass.py from the repository

from ansible-keepass.

It's the same. For the first 3-4 servers the sock is not created and after that ansible-keepass-6d5c20be.sock is created in the tmp folder and everything works.

I also have the keepassxc.sock in the tmp folder. Wouldn't that be a better option to use?

from ansible-keepass.

I added a possibility to run socket manually before call ansible-playbook. In your case it is python /home/dan/.ansible/plugins/lookup/keepass.py /home/dan/.ansible/ansible.kdbx --ask-pass (for stop it press Ctrl + C after done of a playbook). This solution ensures that only one socket will be running and the plugin will not try to start it by subprocess. This is still not a perfect solution, but should be working. I'm looking for a better one

keepassxc.sock is a part of KeePassXC and it is not compatible with the plugin

from ansible-keepass.

Hey! Thanks for trying to fix this!

I have also a key and added the key path behind the database path. I get the similar error message.

Traceback (most recent call last):
  File "/home/dan/.ansible/plugins/lookup/keepass.py", line 393, in <module>
    _keepass_socket(kdbx, key, kdbx_sock, args.ttl, password)
  File "/home/dan/.ansible/plugins/lookup/keepass.py", line 195, in _keepass_socket
    s.bind(sock_path)
OSError: [Errno 98] Address already in use

I downloaded the newest keepass.py version.

Edit:
And adding the key deletes the key.

from ansible-keepass.

@dansman : can you give a playbook sample to reproduce the issue?

from ansible-keepass.

Hey

Sorry for the late reply!
For some reason it just works now. The only thing I changed the other day was to use a different terminal, but both terminals are working now.
So obviously I changed something else, but I don't know what exactly caused this problem before. Maybe just an update of something solved it.

from ansible-keepass.

Possibly, related issue.

I just installed the galaxy collection version, don't think that there has been any other changes and keep getting an error:

Traceback (most recent call last):
  File "/home/test/.ansible/collections/ansible_collections/viczem/keepass/plugins/lookup/keepass.py", line 397, in <module>
    _keepass_socket(kdbx, key, kdbx_sock, args.ttl, password)
  File "/home/test/.ansible/collections/ansible_collections/viczem/keepass/plugins/lookup/keepass.py", line 192, in _keepass_socket
    s.bind(sock_path)
OSError: [Errno 98] Address already in use

lock_file in the above out was /tmp/ansible-keepass-758616d2.sock.lock

Any ideas?

from ansible-keepass.

Looks like it's a different issue: can you open another one explaining how you installed the collection and providing, if possible, a playbook to reproduce?

from ansible-keepass.

Looks like it's a different issue: can you open another one explaining how you installed the collection and providing, if possible, a playbook to reproduce?

I had apt python3-pykeepass (4.0.1) installed. Removed it. Installed 4.0.3 using pip.
I commented out everything and went line by line found a typo in the lookup call (an extra '). Not able to reproduce now.

Thank for the rubber ducking :)

from ansible-keepass.

I reproduce the problem every time if I increase the number of forks (-f 20 for example). With only one fork it doesn't happen.

Adding a random factor in the socket path remove the problem (but I'm not sure it is a good solution)

from ansible-keepass.

I don't understand what you're talking about. Can you provide a playbook to reproduce?

from ansible-keepass.

Hmm, sorry for not being explicit enough.
The following test.yaml playbook:

- name: Site wide playbook
  hosts: all
  vars: 
    - keepass_dbx: "./ansible.kdbx"
    - keepass_psw: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          63303338626166656463313362333932313236363764386264653938303138343464393464363966
          3732323337666462343530663063353833613739336631360a386163643534653630316333323239
          33376330316435363166326463616336643665346236633036653864366462333265373961383132
          3861653763643034630a326637623663653161666564643134646362363931343837643664333037
          30323066663934316566303466303634646665316330346231323965383066363261
    - ansible_become_pass: "{{ lookup('keepass', keepass_group+'/'+keepass_title, 'password') }}"

Used with ansible-playbook --ask-vault-pass -i inventory/* test.yaml -f 1 and an inventory files with hundreds of machine, it works flawlessly, but with ansible-playbook --ask-vault-pass -i inventory/* test.yaml -f 20, it gives the error mentioned on this issue.

I guess it is because one instance of keepass lookup module is launched per ansible fork. And thus the first one create the socket file, but the other instances fail.
If I modify /usr/share/ansible/plugins/lookup/keepass.py to replace

        socket_path_suffix = hashlib.sha1(
            ("%s%s" % (getpass.getuser(), var_dbx)).encode()
        ).hexdigest()[:8]

with

        import uuid
        socket_path_suffix = hashlib.sha1(
            ("%s%s%s" % (getpass.getuser(), var_dbx, uuid.uuid1())).encode()
        ).hexdigest()[:8]

Then both invocations work (not sure it is the best solution though).

Hope it is a bit clearer.

from ansible-keepass.

@matclab I added Dockerfile and docker-compose to docs/example (see develop branch). Run it for emulate 3 different servers.

DOCKER_BUILDKIT=1 docker-compose up --build

Please edit playbook in docs/example for those hosts for reproduce this issue and commit the changes to develop branch

from ansible-keepass.

Hey

I've also still the issue.
I went through every files to fix any typos as well but it worked before (probably before 4.0.1) and I couldn't find any. If I get the time soon, Ill test your example and post some logs if I hit the same issue.

Edit:
ATM I have the following logs:

2022-09-07 08:09:06,002 p=133973 u=dan n=ansible | exception during Jinja2 execution: Traceback (most recent call last):
  File "/usr/lib/python3.10/site-packages/ansible/template/__init__.py", line 984, in _lookup
    ran = instance.run(loop_terms, variables=self._available_variables, **kwargs)
  File "/home/dan/ansible/ansible_collections/viczem/keepass/plugins/lookup/keepass.py", line 133, in run
    raise AnsibleError("KeePass: socket connection failed for %s" % var_dbx)
ansible.errors.AnsibleError: KeePass: socket connection failed for /home/dan/KeePass/Dan.kdbx

I have keepass_ttl: "0". So once I run the first playbook the socket stays and I don't have any issues until I remove the files in /tmp manually and start again.

from ansible-keepass.