However when attempting to deploy the same Ansible role using the plugin it fails with the error message included below. I guess it relates to some file permissions or something similarly obvious, but I’ve yet to trace the cause. Anyone got any suggestions?

Foreman and Proxy versions:
Foreman 1.17
Ansible Plugin 2.0.2
Ansible 2.5.3

Other relevant data:

 1:  [WARNING]: Unable to set correct type for configuration entry:
 2:  DEFAULT_LOCAL_TMP
 3:  PLAY [h2.mydomain.com] *******************************************************
 5:  TASK [Gathering Facts] *********************************************************
 6:  An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OSError: [Errno 13] Permission denied: '~'
 7:  fatal: [h2.mydomain.com]: FAILED! => {"msg": "Unexpected failure during module execution.", "stdout": ""}
 8:  to retry, use: --limit @/tmp/foreman-playbook-74027ca9-200b-49cd-8536-d2ed8ffba717.retry
10:  PLAY RECAP *********************************************************************
11:  h2.mydomain.com : ok=0 changed=0 unreachable=0 failed=1
12:  Exit status: 2
          
Foreman-proxy user doesn’t have permission to create .ansible directory

in /usr/share/foreman-proxy. Create it and give foreman-proxy rights to

it. Depending on versions you might hit ssh-key problems next.
Regards,
          
Thank you @Joop1 and @dLobatog. So after…
chown -R foreman-proxy:foreman-proxy /usr/share/foreman-proxy
The original error message has gone, but has been replaced by another one. I guess this is the ssh-key issue alluded to by @Joop1…? BTW… the remote shell plug-in continues to work just fine to the same host so is it safe to assume that keys and known_hosts are correctly configured? Any suggestions?
@dLobatog - quick feature request while I’m at it… I can log it elsewhere if needed… let me know.
Feature Request

Puppet is correctly updated after a host rebuild but remote execution (and likely Ansible) fail due to outdated known_hosts. Is it possible to fix this? The last line on the provisioning scripts is the following foreman ping…
wget -q -O /dev/null --no-check-certificate http://foreman.url/unattended/built ) 2>&1 | tee /root/install.post.log
I guess this is used to update the associated records on the foreman post installation and maybe sign puppet keys? Could we take care of remote execution/Ansible at the same time? Maybe something as simple as… ssh-keygen -R <myhost> -f ~foreman-proxy/.ssh/known_hosts
Error Message
   1: PLAY [h2.mydomain.com] *******************************************************
   3: TASK [Gathering Facts] *********************************************************
   4: fatal: [h2.mydomain.com]: UNREACHABLE! => {"changed": false, "msg": "Authentication failure.", "unreachable": true}
   5: to retry, use: --limit @/tmp/foreman-playbook-2fedd1ba-7bc1-4450-8941-82d5bb8ff68f.retry
   7: PLAY RECAP *********************************************************************
   8: h2.mydomain.com : ok=0 changed=0 unreachable=1 failed=0
   9: Exit status: 4
          
Looks like it might be the ssh-key problem.

Two ways to solve this I think. One in Settings you can add the path of

the desired key. There was a thread about it recently.

Second, make a link from id_rsa_foreman_proxy to id_rsa and also for the

pubkey part.