I've recently returned to Linux after a 2-year hiatus. I'm trying to
learn Chef in order to automate some application deployments. In the Chef tutorial, it states that sudo is required to run a command that installs a package, which makes sense.
webserver.rb
package 'httpd'
shell command
sudo chef-apply webserver.rb
Tutorial excerpt:
sudo is required because this command installs a package and therefore must be run with root privileges. If you're running as root on your own machine, you can omit sudo from the command.
I googled the issue I was having and found a "solution" that didn't work, along with an SO question that stated you shouldn't run Chef as root. I'm not sure if I buy it.
First of all, chef is not intended to be run as root. A lot of resources assume they're run as root, and need it. They will fail if not running as root.
He also states that you should use sudo, which conflicts with his previous statement.
use sudo to run chef client with a test user (need an entry in sudoers file)
I think that he meant to say that you shouldn't run Chef as root 100% of the time. I am failing to run Chef as root, which seems to be the opposite of what the OP was trying to solve.
The error I am getting
/opt/rvm/rubies/ruby-2.1.5/lib/ruby/site_ruby/2.1.0/rubygems/dependency.rb:298:in `to_specs': Could not find 'chef' (>= 0) among 13 total gem(s) (Gem::LoadError)
from /opt/rvm/rubies/ruby-2.1.5/lib/ruby/site_ruby/2.1.0/rubygems/dependency.rb:309:in `to_spec'
from /opt/rvm/rubies/ruby-2.1.5/lib/ruby/site_ruby/2.1.0/rubygems/core_ext/kernel_gem.rb:53:in `gem'
from /opt/rvm/gems/ruby-2.1.5/bin/chef-apply:22:in `<main>'
from /opt/rvm/gems/ruby-2.1.5/bin/ruby_executable_hooks:15:in `eval'
from /opt/rvm/gems/ruby-2.1.5/bin/ruby_executable_hooks:15:in `<main>'
If the tutorial says that you CAN run Chef as root, and root is required to execute certain recipes, then I would think that Chef should run as root in certain cases.
My biggest question is how do I fix this error and run Chef as root? It runs fine as any other user, but fails when I try to sudo.
Well rvm reset worked after all.
So the "solution" post that I mocked earlier was actually the solution I was looking for. Karma.
DO NOT INSTALL CHEF BY GEM. (plenty of good reason too long to explain, but trust me, use omnibus package)
What happened here is that your rvm has override the path search order and the ruby call, thus the chef launcher was searching in the rvm path and not in the embedded ruby chef path. Calling rvm reset fix the problem by removing the override/path addition.
For the 'to be or not to be root' part, my answer on the question you linked had a typo. The not was forget after a rewording, (the remaining of the sentence made clear root is needed I hope). Thanks for the head up anyway.
Chef is mean to be run as root, but it's highly discouraged to connect remotely to a machine as root.
So you should use sudo to launch chef-client with root permissions 100% of time. Chef will fail on some operations if run as a normal user as it is intended to manage a whole system.
Note: I say 'should' and not 'must' as someone can probably find an edge case where it's advisable to run chef in a limited environment, but I really think it's an edge case and maybe chef is not the correct tool in this case.
Related
After starting "anaconda-navigator" with a terminal, it ends up with dialogue box prompting that " it can't be run with root privileges.anaconda-navigator startup error as root.
For anaconda-3 run:
source ~/anaconda3/bin/activate root
anaconda-navigator
Hopefully this will solve everything.
I have exactly the same issue that you have and after trying the shocking solutions provided i ended up with more errors as you can find in some of my comments there.
How to Fix this:
The dialogue box as you and I see it, is a common dialogue in the Linux world, it has only one reason and that is your GUI is logged with a "normal user" but somehow you managed to install the anaconda with superuser(root).
so if possible, head to your login section and login with root user + with GUI activated(only saying this because there's a big Linux world out there)
if this didn't help, re-install it but be careful when uninstalling it as python can mess a lot of things up(its an OS bomb actually).
How to prevent this:
1- do not allow Anaconda installation to use any superuser areas like /root
2- try to install it with normal user and with sudo command
Good luck (the thing we all need with python installers)
The installation process should be done with the regular user but no root. In my case, the problem appears when I installed with superuser session. I follow these instructions, installing just with my username (without sudo privileges) and the problem was solved.
In /home/user/anaconda3/lib/python3.7/site-packages/anaconda_navigator/app/start.py:
if (MAC or LINUX) and os.environ.get('SUDO_UID', None) is not None:
I am installing meteor by shell script in root mode. When I try to build app it is prompting
*You are attempting to run Meteor as the "root" user. If you are developing, this is almost certainly not what you want to do and will likely result in incorrect file
permissions. However, if you are running this in a build process (CI, etc.) or you are absolutely sure you know what you are doing, add the --unsafe-perm flag to
this command to proceed.*
I am running other things with shell script which needs root mode. Any help appreciated
You are attempting to run Meteor as the "root" user.
If you are developing, this is almost certainly not what you want to do and will likely result in incorrect file permissions.
However, if you are running this in a build process (CI, etc.) or you are absolutely sure you know what you are doing, add the
--unsafe-perm
flag to this command to proceed.
I am trying to install python2.7 over given python2.6 on a web server. I am stuck at the last step trying to link new python install over the old one.
The steps I have done:
Downloaded and extracted Python 2.7
configured with --prefix=$HOME/.local
make install
What I don't get is how to link by making changes in .bashrc (and what changes to make). I looked over all the places but most the answers are not generic.
Also, I have to install couple of other lovely python stuff, like pip virtualenv, django, nltk over this. A little help on that would be too great.
Ok, without root privileges you will have to have all the python stuff and your code in your home folder. And also you won't be able to configure your nginx/apache/whatever http server you use. Does not seem like a good idea for production, but for development - sure, why not.
This means you will need to install python in your home folder. You can download and compile, but probably the simplest way to do so is pyenv - https://github.com/yyuu/pyenv. Some reading is required to understand its concepts, but it is much simpler than fiddling with manual compiling if you are not sure what you're doing.
Also it kinda replaces virtualenv, but you can still have it if you want. And of course, it all works with your non-root user. There is an installer that doesn't require root either.
I've got an SVN instance installed on a free EC2 AWS server. In short: I'm using LAMP.
Using what I read in this article and encountered the "you need a TTY" error as mentioned in the comments. I followed the second resource and it cleared the error message, but doesn't seem to be executing the script. When I manually run the script, however, it works.
Any clue what I'm missing?
When I followed the second resource to fix the TTY error I changed the contents of my /svn/repository/hooks/post-commit script from:
#!/bin/bash
sudo /usr/local/bin/svn-post-commit-update-mysite 1>&2
to:
#!/bin/bash
su –session-command=”/usr/local/bin/svn-post-commit-update-mysite 1>&2″ dynamic &
First possible issue:
You cannot rely on the value of the $PATH variable inside the hook. This means you need to specify complete paths for all executables.
In particular, "su" is a program located in "/bin/sh" in most distributions. To be sure, type
type su
Next possible issue:
Is your subversion server being run as root? su will try to ask for password if run by other users, and will fail if it's not being run interactively - even if the user is in the sudoers file!
If you are using Apache+DAV, this means the apache service must be run as root for this to work (instead of www-data), which is a serious security problem.
You probably don't need to use su or sudo at all if all of the files are owned by the same user (www-data, for instance). You can change the ownership of the site files with something like
sudo chown -R www-data:www-data /var/www/<my-project>
And then remove the sudo and su from both the hook and the svn-post-commit-update-mysite file.
My best guess would be that something in your script depends on the PATH environment variable. Subversion runs hooks in an empty environment for security reasons. So you need to either setup the environment in your shell script or use absolute paths.
You might want to read the Subversion book entry on implementing hook scripts. The particular issue I mentioned is explained in the information block.
One of the things I still can't wrap my head around is rules of thumb to uninstall programs in *nix environments. Most of the time I'm happy to let the sleeping dogs lie and not uninstall software that I no longer need. But from time to time I end up with several Apaches, svn, etc.
So far here's what I know about dealing with this:
1) if you installed using apt-get or yum, there's an uninstall command. Very rarely there's an uninstall script somewhere in the app's folder, something like uninstall.sh
2) to figure out which particular install is being called from the command line use "type -a" command
3) use "sudo find / | grep" to find where else stuff might be installed (from what I understand type only looks for things that are in the PATH variable)
4) Add/change order of things in PATH to make the desireable version of the app to be first in line or add an alias to .bashrc
5) delete the stuff I no longer want. This one is easy if the application was installed only in one folder, but tricky if there are multiple. One trick that I've heard of is running a find with a time range to find all the files that changed arount the time when the install happened - that roughly shows what was changed and added.
Do you have anything to add/correct?
If you didn't use a package manager (rpm, apt, etc), then you probably installed from source. To install, you performed a process along the lines of ./configure && make && make install. If the application is well-behaved, that "install" make target should be coupled with an "uninstall" target. So extract the sources again, configure again (with the same paths), and make uninstall.
Generally, if you're compiling something from source, the procedure will be
$ make
$ su
# make install
in which case, the vast majority of programs will have an uninstall target, which will let you reverse the steps that happened during install by
$ su
# make uninstall
As always, read the program's README or INSTALL files to determine what's available. In most situations you'll either install something via a package manager (which will also handle the uninstall), or you'll have invoked some kind of manual process (which should have come with a readme explaining how to uninstall it).