Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sudo won't accept password on remote host #112

Open
jzs opened this issue Apr 23, 2017 · 5 comments
Open

Sudo won't accept password on remote host #112

jzs opened this issue Apr 23, 2017 · 5 comments

Comments

@jzs
Copy link

jzs commented Apr 23, 2017

I have a command in my Supfile sudo systemctl restart myservice.service.

When running it against a localhost host it asks for a sudo password just fine, and accepts my input. However when running it against a remote ubuntu host, it doesn't show the password prompt and it looks like sup is hanging.
When pressing ^C then it prints: [sudo] password for xxxx: followed by terminating the connection.

Adding: stdin:true seems to do the trick, however it then prints out [sudo] password for xxxx: after i type my password. (It looks like it hangs, i write the password, it prints out [sudo] password for xxxx and then accepts the password i typed in. On the same time, my password is printed to the console when typeing. Hence no read -s functionality.

Alternatively adding %xxxx ALL=NOPASSWD: /bin/systemctl stop myservice.service to the sudoers file on the remote host also works. Since it will then skip asking for password.

Here's a minimal Supfile to recreate my issue:

# Supfile for myservice
---
version: 0.4

networks:
  dev:
    hosts:
      - localhost
  release:
    hosts:
      - myserver.com:999

commands:
  stop: 
    desc: Stop service
    run: sudo systemctl stop myservice.service

My Dev machine is running arch linux and the server is running Ubuntu 16.04.2 LTS.
@alinz
Copy link

alinz commented May 11, 2017

@VojtechVitek do you think we can add input for asking password?

@wildan2711
Copy link

Getting the same behaviour deploying on my CentOS server

@VojtechVitek VojtechVitek mentioned this issue Jan 17, 2018
Open
@MatthiasKauer
Copy link

Are all the examples done with passwordless sudo?
Or is this an isolated problem?
Haven't used sup yet myself but I'm very intrigued.

@VojtechVitek
Copy link
Collaborator

VojtechVitek commented Jan 18, 2018
edited
Loading

Yes, all the examples were done with password-less sudo.

It all comes down to the infrastructure set-up. From my experience, most of the companies use private/public SSH key pairs to login to the instances (sometimes via a bastion host) and then the sudo itself doesn't have password, but is restricted to certain commands (like. sudo docker, ie. https://askubuntu.com/a/477554) etc.

There was some work done to make sudo a Supfile option, but it was never finished. #51

@slavaGanzin
Copy link

man sudo

  -S, --stdin
                 Write the prompt to the standard error and read the password from the standard input
                 instead of using the terminal device.  The password must be followed by a newline
                 character.

@VojtechVitek @alinz You dont' ask me, but IMHO: in this cases it's better to add cookbook with answers like this, than add a new feature that do exactly the same, but with new syntax.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@VojtechVitek @jzs @alinz @slavaGanzin @MatthiasKauer @wildan2711