Login as one user and run commands as a deploy user

[alexwebgr]

hi guys

i have encountered a scenario where for the sake of security commands must run as a 'deploy' user but i login as 'alex' how can i switch users before executing any commands and ideally without touching mina source code ? so far i have added a new task in mina-1.0.7/tasks/mina/deploy.rb

task :switch_user do command %{sudo su - deploy} end

which i invoke in the setup task but i when i run the mina setup it hangs. I assume this is because mina is running in a non-interactive ssh mode.

when i add this task in the generated deploy.rb setup task it runs last

thanks alex

[d4be4st]

You are correct in your assumption about mina running in non-interactvie ssh mode. And i believe it hangs because it is waiting for your to input your password.

I believe a fix would be to set execution mode to system

set :execution_mode, :system

Another solution would be to remove the need of a password when changing su to deploy. Like adding this: username ALL=(ALL) NOPASSWD: sudo su - deploy to your sudoers file.

[alexwebgr]

it appears that the deploy user was already set with NOPASSWD however after setting the execution to system now it logs in and does nothing ! and when i exit i starts to run again

[d4be4st]

We do not have this kind of setup so I can't test it unfortunately.

Will try to set something up in the coming days and see if I can find a fix/workaround for this problem

[alexwebgr]

Ok cool !

On Oct 6, 2017 7:46 AM, "štef" notifications@github.com wrote:

We do not have this kind of setup so I can't test it unfortunately.

Will try to set something up in the coming days and see if I can find a fix/workaround for this problem

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/mina-deploy/mina/issues/574#issuecomment-334672616, or mute the thread https://github.com/notifications/unsubscribe-auth/ADSY7zQS5Ev1SXUhkgizUPtdKnrtdpOMks5spczAgaJpZM4Pry2H .