[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Fab-user] remote sudo permissions
|
From: |
Jeff Forcier |
|
Subject: |
Re: [Fab-user] remote sudo permissions |
|
Date: |
Tue, 8 Sep 2009 14:59:41 -0400 |
Hi Tom,
Firstly, Fabric uses /bin/bash to execute its commands, which is why
the remote end is complaining about bash specifically. You can specify
--show=debug on the command line to see the commands Fabric is
actually executing on the remote end, it's typically /bin/bash -l -c
"your command".
Secondly, I'm not sure offhand why it would complain unless your
server has an oddball sudoers setup. Have you worked with sudo before?
Are you sure the account you're connecting as has sudoers permissions
(e.g. is in the 'admin' or 'wheel' group)?
It's remotely possible the error message is misleading and it's
complaining about not using a pseudo-tty; you could test this out by
specifying pty=True in your sudo() call.
Otherwise, if you can provide the contents of your /etc/sudoers file,
that might give us a clue.
Best,
Jeff
On Tue, Sep 8, 2009 at 2:44 PM, Tom von Schwerdtner<address@hidden> wrote:
> Is there a way to keep fabrics remote sudo access under control a bit? It
> looks like I need to grant access to /bin/bash which I don't want to do.
>
> Or am I misunderstanding? I'm getting the error:
>
> err: Sorry, user username is not allowed to execute '/bin/bash -l -c
> /etc/init.d/apache2 reload' as root on hostname.
>
> However, when I'm logged in as that user I can run "/etc/init.d/apache2
> reload" just fine.
>
> -Tom
>
>
> _______________________________________________
> Fab-user mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/fab-user
>