search

delano / rye

Safe, parallel access to Unix shells from Ruby
http://delano.github.com/rye
MIT License
235 stars 32 forks source link

How do you cope with distros having requiretty enabled in /etc/sudoers #24

Open rubiojr opened 12 years ago

rubiojr commented 12 years ago

Hey Delano,

Having issues with:

box = Rye::Box.new host, args
box.sudo 'my-foo-command'

or

box = Rye::Box.new host, args
box.enable_sudo
box.execute 'my-bar-command'

when /etc/sudoers has "Defaults requiretty" (like CentOS):

/home/rubiojr/.rvm/gems/ruby-1.9.3-p194/gems/rye-0.9.7/lib/rye/box.rb:855:in `rescue in run_command': sudo: sorry, you must have a tty to run sudo (cmd: sudo cat /etc/issue; status: 1) (Rye::Err)
    from /home/rubiojr/.rvm/gems/ruby-1.9.3-p194/gems/rye-0.9.7/lib/rye/box.rb:806:in `run_command'
    from /home/rubiojr/.rvm/gems/ruby-1.9.3-p194/gems/rye-0.9.7/lib/rye/box.rb:597:in `sudo'
        ...

Haven't been able to find a good way to cope with this without patching. Any hints?

rubiojr commented 12 years ago

Not really sure of the consequences but anyway, here's the patch that works for me:

--- /home/rubiojr/.rvm/gems/ruby-1.9.3-p194/gems/rye-0.9.7/lib/rye/box.rb   2012-09-06 00:31:52.393855539 +0200
+++ /home/rubiojr/.rvm/gems/ruby-1.9.3-p194/gems/rye-0.9.7/lib/rye/box.rb.new   2012-09-06 00:31:34.417766396 +0200
@@ -894,7 +894,7 @@
                               :modes       => {} }

       channel = @rye_ssh.open_channel do |channel|
-        if self.rye_shell && blk.nil?
+        if (self.rye_shell && blk.nil?) or sudo?
           channel.request_pty(pty_opts) do |ch,success|
             self.rye_pty = success
             raise Rye::NoPty if !success
rubiojr commented 12 years ago

Looks like that's only part of the equation unfortunately, since box.sudo? evals to false when using box.sudo instead of box.enable_sudo and then running the command with execute.

delano commented 12 years ago

I don't have any solution for this currently unfortunately (other than to update the sudoers config).

rberger commented 11 years ago

Anything new on this? I also have a situation where I need to ship a program to 3rd parties and can't control the Sudoers file. It looks like Centos 6 at least sets requiretty as the default.

rubiojr commented 11 years ago

@rberger I did find a solution to the problem and I've been using it with CentOS boxes since then:

https://github.com/rubiojr/shexy/blob/master/lib/shexy.rb#L104

ms-ati commented 9 years ago

If you are using an Amazon linux AMI that supports user data, it's probably best to just change the sudoers config like this: https://github.com/mitchellh/vagrant/issues/1482#issuecomment-17444459