I'm very please with Fabric and I use it with a lot success to manage my servers.
Even convinced my collegues to use it.
But actually for security reason, mostly to avoid shell escape I can't use it.
[serverX] Executing task 'host_type'
[serverX] run: sudo su -c "uname -a"
[serverX] Login password for 'me':
[serverX] out: [sudo] password for me:
[serverX] out: Sorry, user me is not allowed to execute '/bin/su -c uname -a' as root on serverX.
[serverX] out:
Warning: run() received nonzero return code 1 while executing 'sudo su -c "uname -a"'!
[serverX] sudo: uptime
[serverX] out: sudo password:
[serverX] out: Sorry, user me is not allowed to execute '/bin/bash -l -c uptime' as root on serverX.
[serverX] out:
Warning: sudo() received nonzero return code 1 while executing 'uptime'!
I know how to setup sudoers, but for company policies I can't change it.
sudoers contains :
!/bin/bash,!/bin/su
I tried to use env.shell = "" , pty=False but with no success.
How I can update Fabric and others framework, like cuisine to continue to use Fabric despite this rule that I can't change.
I can change all sudo command for run('sudo xxx') but will ask my password each time and I can use cuisine anymore.
Thank you,
Julien