search

SUSE / machinery

A systems management toolkit for Linux
GNU General Public License v3.0
158 stars 32 forks source link

password requirement by sudo is not handled gracefully #2253

Closed matwey closed 5 years ago

matwey commented 5 years ago

Hello,

I am running machinery machinery-1.23.1-lp150.1.22.x86_64 with openSUSE Leap 15.0. When I run it as the following It wants me to file a bug report:

> machinery inspect -n machine_name -r matwey 192.168.10.116
Machinery experienced an unexpected error. Please file a bug report at: https://github.com/SUSE/machinery/issues/new
Execution of "ssh -q -o BatchMode\=yes matwey@192.168.10.116 sudo id" failed with status 1: sudo: no tty present and no askpass program specified.

Error output:
sudo: no tty present and no askpass program specified

Backtrace:
/usr/lib64/ruby/gems/2.5.0/gems/cheetah-0.5.0/lib/cheetah.rb:641:in `check_errors'
/usr/lib64/ruby/gems/2.5.0/gems/cheetah-0.5.0/lib/cheetah.rb:404:in `run'
/usr/lib64/ruby/gems/2.5.0/gems/machinery-tool-1.23.1/lib/logged_cheetah.rb:23:in `run'
/usr/lib64/ruby/gems/2.5.0/gems/machinery-tool-1.23.1/lib/remote_system.rb:212:in `check_sudo'
/usr/lib64/ruby/gems/2.5.0/gems/machinery-tool-1.23.1/lib/remote_system.rb:46:in `connect'
/usr/lib64/ruby/gems/2.5.0/gems/machinery-tool-1.23.1/lib/remote_system.rb:37:in `initialize'
/usr/lib64/ruby/gems/2.5.0/gems/machinery-tool-1.23.1/lib/system.rb:38:in `new'
/usr/lib64/ruby/gems/2.5.0/gems/machinery-tool-1.23.1/lib/system.rb:38:in `for'
/usr/lib64/ruby/gems/2.5.0/gems/machinery-tool-1.23.1/lib/cli.rb:757:in `block (2 levels) in <class:Cli>'
/usr/lib64/ruby/gems/2.5.0/gems/gli-2.13.1/lib/gli/command_support.rb:126:in `execute'
/usr/lib64/ruby/gems/2.5.0/gems/gli-2.13.1/lib/gli/app_support.rb:296:in `block in call_command'
/usr/lib64/ruby/gems/2.5.0/gems/gli-2.13.1/lib/gli/app_support.rb:309:in `call_command'
/usr/lib64/ruby/gems/2.5.0/gems/gli-2.13.1/lib/gli/app_support.rb:83:in `run'
/usr/lib64/ruby/gems/2.5.0/gems/machinery-tool-1.23.1/bin/machinery:41:in `<top (required)>'
/usr/bin/machinery:23:in `load'
/usr/bin/machinery:23:in `<main>'
thardeck commented 5 years ago

Hi @matwey. Thanks for reporting the issue. Are you able to connect from the same machine where you encountered the issue to the host 192.168.10.116 via ssh?

If the ssh connection works for your are you able to run sudo on the remote host via ssh?

It looks like sudo has an issue on the remote machine.

matwey commented 5 years ago

Yeah, sudo asked for a password.

thardeck commented 5 years ago

We only support sudo usage if there is no password required.

When inspecting as non-root the user needs passwordless sudo rights. The following entry in the sudoers file would allow the user machinery to run sudo without password input:

machinery ALL=(ALL) NOPASSWD: ALL

https://github.com/SUSE/machinery/blob/master/manual/docs/machinery-inspect.1.md#prerequisites

Of course we should not throw a backtrace in this case but show a useful error.

thardeck commented 5 years ago

@matwey What was the operating system of the inspected system?

matwey commented 5 years ago

Yes, I fixed that, thank you. It is Leap 42.3.