search

sprinkle-tool / sprinkle

Sprinkle is a software provisioning tool you can use to build remote servers with. eg. to install a Rails, or Sinatra stack on a brand new slice directly after its been created
https://github.com/sprinkle-tool/sprinkle
MIT License
1.15k stars 138 forks source link

Ability to run verifiers as sudo #181

Closed raldred closed 10 years ago

raldred commented 10 years ago

Some verifiers fail because you need to be a privileged user. I can't seem to see any way to make the has_apt verifier work.

I'm running as a non-privileged user with full sudo.

At the moment i'm getting Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)

Same applies for other verifiers such as:

verify do
  file_contains '/home/bind-sync/.ssh/authorized_keys', File.open(File.join(keydir, 'sync-key.pub')).read
end

** [out :: server.net] grep: /home/bind-sync/.ssh/authorized_keys
** [out :: server.net] : Permission denied
joshgoebel commented 10 years ago

What distro is this? I just tried quickly on Ubuntu Lucid and dpkg --status works fine as an unprivileged user… so it might be your using a super paranoid distro or something that most other users haven't run into. has_apt is code that has been in Sprinkle a long time. That won't help your other example though.

raldred commented 10 years ago

Im using Ubuntu 12.04 minimal. I'll do some more digging, thanks for your reply. On 2 Dec 2013 21:58, "Josh Goebel" notifications@github.com wrote:

What distro is this? I just tried quickly on Ubuntu Lucid and dpkg --status works fine as an unprivileged user… so it might be your using a super paranoid distro or something that most other users haven't run into. has_apt is code that has been in Sprinkle a long time. That won't help your other example though.

— Reply to this email directly or view it on GitHubhttps://github.com/sprinkle-tool/sprinkle/issues/181#issuecomment-29662185 .

joshgoebel commented 10 years ago

Also, are you using SSH or Capistrano actors?

raldred commented 10 years ago

I'm using cap 2. On 3 Dec 2013 03:00, "Josh Goebel" notifications@github.com wrote:

Also, are you using SSH or Capistrano actors?

— Reply to this email directly or view it on GitHubhttps://github.com/sprinkle-tool/sprinkle/issues/181#issuecomment-29679725 .

joshgoebel commented 10 years ago

You know you can turn on sudo at the Capistrano level, right?

raldred commented 10 years ago

i tried, it didnt seem to do anything

set :use_sudo, true

On 3 December 2013 14:37, Josh Goebel notifications@github.com wrote:

You know you can turn on sudo at the Capistrano level, right?

— Reply to this email directly or view it on GitHubhttps://github.com/sprinkle-tool/sprinkle/issues/181#issuecomment-29714201 .

joshgoebel commented 10 years ago

You have to set :run_method to :sudo.

ebeigarts commented 10 years ago

@yyyc514 sudo in devliery still doesn't work for me either, I think @delivery is set to nil when installer and verifier commands are evaluated and @delivery is set only later, my workaround currently is to use use_sudo true at package level.

joshgoebel commented 10 years ago

Shouldn't matter… sudo is added later inside the Actor if it isn't detected in the command string… if you've set the settings properly. For Capistrano setting run_method to :sudo in your Capfile or whatever should make everything run as sudo… if not please post the exact code you're using and a verbose debug output.

ebeigarts commented 10 years ago

@yyyc514 https://github.com/ebeigarts/sprinkle_sudo_example

joshgoebel commented 10 years ago

Should be resolved by 37dd29aaaa083c6508029e67220751e3cbc805f3.

I'll push a new gem shortly.