[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Fab-user] remote sudo permissions
From: |
Alan Hawrylyshen |
Subject: |
Re: [Fab-user] remote sudo permissions |
Date: |
Tue, 8 Sep 2009 12:06:39 -0700 |
On Sep 8, 2009, at 11:59 , Jeff Forcier wrote:
Hi Tom,
Firstly, Fabric uses /bin/bash to execute its commands, which is why
the remote end is complaining about bash specifically. You can specify
--show=debug on the command line to see the commands Fabric is
actually executing on the remote end, it's typically /bin/bash -l -c
"your command".
Secondly, I'm not sure offhand why it would complain unless your
server has an oddball sudoers setup. Have you worked with sudo before?
Are you sure the account you're connecting as has sudoers permissions
(e.g. is in the 'admin' or 'wheel' group)?
Actually, it sounds like Tom has specifically cranked down the access
for sudo.
Lots of administrators will do this. It is generally a good practice.
You don't really want arbitrary root command execution; so interpreted
another way:
Can fabric be configured to dispense with the shell wrapper?
I suspect this is a deep and complex issue; but it is well worth
discussing.
Tom; It might be possible to build a custom shell that would work in
place of bash that restricted the sub-commands.
Alan
--
Alan Hawrylyshen
a l a n a t p o l y p h a s e d o t c a