0

I still have my problem to use ansible-vault command with a non root user and got an error message. Works great with root user.

I have done a ton of tests with different installations method (rpm file, pip install module) and a lot of access rights on files, and different users but still stuck on this :(.

Same python version, rpm etc for both users/root

Any help would be apprecied :) !

[myuser@server:~]$ python3 -m pip show cryptography
Name: cryptography
Version: 36.0.1
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The Python Cryptographic Authority and individual contributors
Author-email: cryptography-dev@python.org
License: BSD or Apache License, Version 2.0
Location: /usr/lib64/python3.9/site-packages
Requires: cffi
Required-by: ansible-core
[1]+  Done                    code


[myuser@server:~]$ ansible-vault --version
ansible-vault [core 2.12.2]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/myuser/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /home/myuser/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-vault
  python version = 3.9.10 (main, Feb  9 2022, 00:00:00) [GCC 11.2.1 20220127 (Red Hat 11.2.1-9)]
  jinja version = 2.11.3
  libyaml = True


[myuser@server:~]$ ansible-vault view /home/myuser/Password.yml
Vault password: 
ERROR! ansible-vault requires the cryptography library in order to function for /home/Password.yml
Zeitounator
  • 38,476
  • 7
  • 53
  • 66
user20340761
  • 11
  • 2
  • You can turn this however you like, the cause will always be the same: you are using `ansible(-vault)` in a version of python where the missing package is not installed. As a debugging step, you can check the sheebang line in the following command output: `cat $(which ansible-vault)` and compare it with `which python3`. You should also check if python3 is not aliased in your environement (i.e. `type python3`). – Zeitounator Nov 22 '22 at 11:00
  • 1
    The easiest solution is probably running as your user `python3 -m pip install ansible cryptography` – Zeitounator Nov 22 '22 at 11:10
  • Also tried the python3 pip install and python3.9 pip install which says already installed: `[myuser@server:~]$ python3 -m pip install ansible cryptography Defaulting to user installation because normal site-packages is not writeable Requirement already satisfied: ansible in /usr/lib/python3.9/site-packages (5.4.0) Requirement already satisfied: cryptography in /usr/lib64/python3.9/site-packages (36.0.1) Requirement already satisfied: ansible-core~=2.12.2 in /usr/lib/python3.9/site-packages (from ansible) (2.12.2)` – user20340761 Nov 22 '22 at 12:48
  • Hey, i tried your command as root and myuser, here the outpout: `[myuser@server:~]$ cat $(which ansible-vault) #!/usr/bin/python3.9` `[myuser@server:~]$ which python3 /usr/bin/python3` My ansible use python 3.9, library are installed for this version of python i think And type command: `[myuser@server:~]$ type python3 python3 is (/usr/bin/python3)` – user20340761 Nov 22 '22 at 12:55
  • `[myuser@server:~]$ python3.9 -m pip show cryptography Name: cryptography Version: 36.0.1 Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers. Home-page: https://github.com/pyca/cryptography Author: The Python Cryptographic Authority and individual contributors Author-email: cryptography-dev@python.org License: BSD or Apache License, Version 2.0 Location: /usr/lib64/python3.9/site-packages Requires: cffi Required-by: ansible-core` – user20340761 Nov 22 '22 at 12:56
  • `[myuser@server:~]$ python3 -m pip show cryptography Name: cryptography Version: 36.0.1 Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers. Home-page: https://github.com/pyca/cryptography Author: The Python Cryptographic Authority and individual contributors Author-email: cryptography-dev@python.org License: BSD or Apache License, Version 2.0 Location: /usr/lib64/python3.9/site-packages Requires: cffi Required-by: ansible-core` – user20340761 Nov 22 '22 at 12:57
  • 1
    For information, i tried on a fresh install and ansible-vault is working with standard user. I will resintall my server from a fresh clean install because i don't find the problem.. Thank you ! – user20340761 Nov 22 '22 at 13:10
  • In case someone else stubles upon this question with the same problem: I was able to fix this by making sure python actually uses the correct packages: `sudo apt remove python3-cryptography python3-cffi` followed by installing them via pip: `python3 -m pip install cryptography cffi`. – Entropy0 Aug 02 '23 at 08:11

0 Answers0