sudo: hercules: command not found

[levibollinger]

This command isn't found and I would suspect something is not working with line 297 of the installer bash script.

[wrljet]

Levi,

I'm curious, can you describe your host OS for us. Perhaps, assuming Linux:

cat /etc/os-release

And what are the results of:

which hercules

and

sudo which hercules

Thanks, Bill

[levibollinger]

'which hercules' and 'sudo which hercules' returns nothing from root and cd'd in the zlinux folder.

[popalex]

I also have the same problem with the same Ubuntu version. It seams that sudo does not reconize hercules in the local zlinux/herc4x/bin folder.

[wrljet]

If you do:

sudo su
echo $PATH

You'll see what sudo sees as its path.

Generally sudo has a reduced path as a security measure.

Bill

[popalex]

I've also tested and no it does not the hercules local path in sudo. The current solution works only if you have hercules 4.x installed globally (like in /usr/bin) .

The only solution to this problem that I've found to work with sudo and local hercules (from ./herc4x/bin) to change the line from:

$SUDO HERCULES_RC=hercules.rc hercules -f hercules.cnf > "$FILE"

to

$SUDO --preserve-env=PATH env HERCULES_RC=hercules.rc hercules -f hercules.cnf > "$FILE"

[wrljet]

You can solve this, so you won't need sudo at all to run the Hercules programs, by applying commands similar to shown below in the set_hercenv() function in run_zlinux.bash script.

And then removing the sudo where these binaries are started.

sudo setcap 'cap_sys_nice=eip' ./herc4x/bin/hercules
sudo setcap 'cap_sys_nice=eip' ./herc4x/bin/herclin
sudo setcap 'cap_net_admin+ep' ./herc4x/bin/hercifc

(I'm not sure if Moshix and Matthew had/have security concerns in-mind and don't want those binaries to be setcap-ed.)

Bill

[racingmars]

(I'm not sure if Moshix and Matthew had/have security concerns in-mind and don't want those binaries to be setcap-ed.)

We had some feedback from people testing it that setting the capabilities on hercifc didn't reliably work on all systems to let hercifc set up the interfaces. I typically run with the setuid bit set on hercifc, but because we override LD_LIBRARY_PATH to run from the custom directory Linux doesn't allow setuid for security reasons. So I think we just landed on running w/ sudo as the most reliable way for the most people.

But I agree in general. I never run hercules as root. If capabilities on hercifc work for you, that's the preferred approach. We just had too many people saying it didn't work for them so went with the Big Hammer approach to keep it simple.

[wrljet]

capabilities option doesn't work through the configure/Makefile. I've never gotten around to fixing that. I guess I'll add that to my To-Do list.

So in Hercules-Helper I just use the setcap afterwards. Nobody's complained yet that's not working.

Bill

[misterspock1]

I realize I'm a bit late to the party, but if you run visudo and change the secure_path= to include a path to your Hercules bin directory, it should fix the problem, it worked for me. (Though a another problem occurred now, where it couldn't use the repo for some reason and refused to install, so it may be broken beyond that point for other reasons.).

[vbandke]

For what it' worth: My laptop is runnung Linux Mint 21.3, and I already have a new hercules version installed via the hercules-helper, (great tool) i.e. with the capabilities set, and that hercules bin directory is in the secure_path in sudousers. Works like a charm

I also ran into the issue that the repo archive could not be found. I was running the installer on a laptop, which has an ethernet adapter and a wifi adapter. For some reasom the installer chose to use the the wifi adapter, although the laptop was connected via ethernet. I disabled the wifi adapter, resumed the installation, and that now was working. At least currently it is "loading additional components ... 60%" ...

With best regards

Volker

[vbandke]

Just for completeness: The install finished successfully (after more than 8 hours!!), and I could start zubuntu and log in via SSH. Excellent :) The extreme long elapsed time is due to this being a 12 year old laptop - I would not have expected a blindingly fast run. This was just a proof of concept thingie, and as that it ws an unqualified success

With best regards

Volker

[misterspock1]

May I add, thanks for giving us TK3 over 20 years ago! (I can't believe it's been that long!) I am so happy to see how the community has grown over the years!