Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I have written a bash script that goes to each machine and runs set of command. I am using the user iis that has sudo privlidges on that machine. However, when i run the sudo yum command i get sudo: sorry, you must have a tty to run sudo.
Not sure what is wrong ? I am using the -t command to force but it would still not work
bash script
#!/bin/bash
INPUT=ccidetails.csv
OLDIFS=$IFS
IFS=,
[ ! -f $INPUT ] && { echo "$INPUT file not found"; exit 99; }
while read privateip password
do
echo $privateip
scp /home/Data/Test.c iis#$privateip:/tmp
sshpass -p$password </dev/null ssh -t -o "StrictHostKeyChecking no" iis#$privateip "
hostname
cd /tmp
gcc Test.c -o TEST
./TEST
sudo yum -y update glibc
gcc Test.c -o TEST
./TEST
exit
" >> output.txt
done < $INPUT
IFS=$OLDIFS
Error:
sudo: sorry, you must have a tty to run sudo
On remote host comment the line below on /etc/sudoers:
grep tty /etc/sudoers
#Defaults requiretty
That will allow you to continue. Make sure you understand the consequences of doing so:
man sudoers | grep -i requiretty -A 5
requiretty If set, sudo will only run when the user is logged in
to a real tty. When this flag is set, sudo can only be
run from a login session and not via other means such
as cron(8) or cgi-bin scripts. This flag is off by
default.
If you don't want disable requiretty globally you can disable it for a specific user:
example:
Defaults requiretty
Defaults:your_username_goes_here !requiretty
While this isn't a question for SO, you're almost there ... what you need to change is the number of -t above ... try this:
sshpass -p$password </dev/null ssh -ttt -o "StrictHostKeyChecking no" iis#$privateip "
Related
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I would like to run sudo with my password as parameter so that I can use it for a script. I tried
sudo -S mypassword execute_command
but without any success. Any suggestions?
The -S switch makes sudo read the password from STDIN. This means you can do
echo mypassword | sudo -S command
to pass the password to sudo
However, the suggestions by others that do not involve passing the password as part of a command such as checking if the user is root are probably much better ideas for security reasons
You can set the s bit for your script so that it does not need sudo and runs as root (and you do not need to write your root password in the script):
sudo chmod +s myscript
echo -e "YOURPASSWORD\n" | sudo -S yourcommand
One option is to use the -A flag to sudo. This runs a program to ask for the password. Rather than ask, you could have a script that just spits out the password so the program can continue.
# Make sure only root can run our script
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root" 1>&2
exit 1
fi
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
It's possible to make ZSH extends bash autocompletion? Bash can autocomplete almost every command in the system, and in ZSH i always need to enable a plugin for it.
Here is an example (ignore the warnings, are from custom scripts that don't work in bash)
You can install the project zsh-completions
(https://github.com/zsh-users/zsh-completions)
From Ubuntu packages
echo "deb http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-completions/xUbuntu_19.10/ /" | sudo tee /etc/apt/sources.list.d/shells:zsh-users:zsh-completions.list
curl -fsSL https://download.opensuse.org/repositories/shells:zsh-users:zsh-completions/xUbuntu_19.10/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/shells:zsh-users:zsh-completions.gpg > /dev/null
sudo apt update
sudo apt install zsh-completions
From Gitub repository
Clone the repository:
git clone git://github.com/zsh-users/zsh-completions.git
Include the directory in your $fpath, for example by adding in ~/.zshrc:
fpath=(path/to/zsh-completions/src $fpath)
You may have to force rebuild zcompdump:
rm -f ~/.zcompdump; compinit
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I have a file with root permissions like this
[root#testbox ~]# ls -l /etc/resolv.conf
-rw-r--r-- 1 root root 113 Feb 21 21:29 /etc/resolv.conf
I have enabled passwordless sudo for my user using /etc/sudoer
%mayur ALL=(ALL) NOPASSWD: ALL
I want some way where if I try to edit this particular file I get blocked.
for eg .. I want to block these commands based on THE FILE NAME
$ echo 123 | sudo tee /etc/resolv.conf ## SHOULD GET BLOCKED
$ touch newfile | echo 123 > newfile | sudo cp newfile /etc/resolv.conf ## SHOULD GET BLOCKED
My Efforts:
%mayur ALL=(ALL) NOPASSWD: ALL,!/* /etc/resolv.conf
This did not help at all.
I also checked sudoers man page but it
seems regex support isnt that great.
Any things that works will help. Thanks.
EDIT: I want to be able to apply the solutions accross multiple servers with multiple users having sudo access
You can use a wrapper:
#!/bin/bash
declare -A EXCLUDE
while IFS= read -r FILE; do
EXCLUDE[$FILE]=.
done < /etc/sudoers.exclude-list
for ARG in "$#"; do
TARGET=$(exec /usr/bin/readlink -m -- "$ARG")
[[ -n $TARGET && -n ${EXCLUDE[$FILE]} ]] && {
echo "sudo: Sorry, target is not allowed: $TARGET"
exit 1
}
done
exec /path/to/real/sudo-in-secured-location "$#"
Where /etc/sudoers.exclude-list is a line-based list of absolute real file paths. Entries must not contain extra spaces and list must not be in DOS format.
This script must have same ownership and permissions as the real sudo.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
Newest Update
The flag is -p portnumber
but I can't get into root, got (publickey, permission denied)
I sign up for a vps on digital ocean.
Currently going through this tutorial https://coderwall.com/p/yz8cha and this railscast http://railscasts.com/episodes/335-deploying-to-a-vps
I made a new user inside the vps but this user doesn't have sudo priveledge
when I do cap deploy:setup according to the guide I am getting this
judy is not in the sudoers file. This incident will be reported.
failed: "sh -c 'sudo -p '\\''sudo password: '\\'' ln -nfs /home/judy/apps/lintong/current/config/nginx.conf /etc/nginx/sites-enabled/lintong'" on 192.241.241.204
I changed the port to 888 according to the guide and now I can't ssh into the server
when I do ssh root#ipaddress or ssh judy#ipaddress
its trying to connect to port 22
1st question
how do I pass in a field to when I ssh into the vps with a port option of 888?
2nd question
How do I give judy sudo rights?
according to coderwall's tutorial I should do this
visudo
then
add username ALL=(ALL:ALL) ALL but I think I did it before and it didn't work?
For recent Ubuntu/Debian versions, don't modify /etc/sudoers,
but add the user to to the sudo group in /etc/group.
sudo usermod -a -G sudo judy
or
sudo vigr (and sudo vigr -s)
To use ssh with a specific port, use -p 888 : i.e., ssh -p 888 judy#ipaddress
(Note that if you ever need to set a port with scp, you use a capital -P instead.)
Answering just one question:
ssh -p 888 root#ipaddress
should allow you to log in when ssh is listening on port 888. Not sure what is wrong with the second part... can you show the judy entry from /etc/sudoers?
For ssh to a different port:
ssh -p 888 root#ipaddress
To get judy sudo permission somewhat depends on the OS for proper practice. In Ubuntu you can simply add judy to the admin group.
useradd -G admin judy
This is because there's already an entry that maps that group in the sudoers file for Ubuntu servers.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I would like to run sudo with my password as parameter so that I can use it for a script. I tried
sudo -S mypassword execute_command
but without any success. Any suggestions?
The -S switch makes sudo read the password from STDIN. This means you can do
echo mypassword | sudo -S command
to pass the password to sudo
However, the suggestions by others that do not involve passing the password as part of a command such as checking if the user is root are probably much better ideas for security reasons
You can set the s bit for your script so that it does not need sudo and runs as root (and you do not need to write your root password in the script):
sudo chmod +s myscript
echo -e "YOURPASSWORD\n" | sudo -S yourcommand
One option is to use the -A flag to sudo. This runs a program to ask for the password. Rather than ask, you could have a script that just spits out the password so the program can continue.
# Make sure only root can run our script
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root" 1>&2
exit 1
fi