I'm using a wonderful libssh wrapper for Objective-C called NMSSH. I am able to make a connection, send commands, etc, but I'm having some trouble. Whenever I send an elevated command like "sudo..something", I get the following error in my response object:
Error: Error Domain=NMSSH Code=0 "sudo: no tty present and no askpass program specified
" UserInfo=0x145a65e0 {command=sudo apachectl start, NSLocalizedDescription=sudo: no tty present and no askpass program specified
, NSLocalizedFailureReason=54}
How can I tell the program what the password is?
Use sudo -S:
[session.channel execute:#"echo password | sudo -S apachectl start" error:&error];
From the man page:
The -S (stdin) option causes sudo to read the password from the
standard input instead of the terminal device. The password must be
followed by a newline character.
jonahb's solution is a nice and easy way to do it but it is very unsecure!
In case anyone wants to do it in a securer way he should edit the "Sudoers File" on the target system if possible like showen here or here.
Just start editing with
sudo visudo
and past the edited version from:
USERNAME ALL=(ALL) NOPASSWD: /path/to/script
in the very end of the file.
Related
I have a set of docker run commands in my sudoer file. Some of the commands work fine with sudo, but others are not being accepted with statement "Sorry, user xxx is not allowed to execute '/bin/docker run ....'
A few things to note:
Script syntax is just "sudo docker ...", sudoer file command syntax is "/usr/bin/docker" but for some reason the message is using "/bin/docker"
the command that has the error seems to also only appear with error "Error: no such container..." after the sudo error message
There were new line characters in the sudoer file it was believed.
We are running Jenkins in a docker container and using the Docker-outside-of-Docker approach. As is well documented, we added:
jenkins ALL=NOPASSWD: ALL
to /etc/sudoers.
http://container-solutions.com/running-docker-in-jenkins-in-docker/
How to fix 'sudo: no tty present and no askpass program specified' error?
The problem we face is that our pipeline job randomly fails when executing the first make command:
sudo -E make login
with the error:
sudo: no tty present and no askpass program specified
Why are we experiencing this error only sometimes?
If you get the issue like as mentioned below
error message image
Login to the instance in GitBash and open the following file.
sudo visudo
And in this file Add the following command in the end of the file
jenkins ALL=(ALL) NOPASSWD: ALL
Save the file and Run the Jenkins onnce again.
Hope your issue will be solve.
Thanks!
Image
I need to get access to pg_hba.conf to try and fix my broken postgres development db that gives the error on RAILS_ENV=development rails s of
PG::ConnectionBad
fe_sendauth: no password supplied
This post at least seems to suggest that such access may help: PG::ConnectionBad: fe_sendauth: no password supplied
The problem is, even though I know the path
/Library/PostgreSQL/9.3/data/pg_hba.conf
When I actually try to cd into it:
cd /Library/PostgreSQL/9.3/data/
I get: cd:cd:13: permission denied: /Library/PostgreSQL/9.3/data/
The seemingly obvious fix would be to sudo, so I try that:
sudo cd /Library/PostgreSQL/9.3/data/
And nothing happens. Literally the next line shows that I'm still exactly where I was. How can sudo be denied? And how can I either access this file or fix my issue?
Thanks!
This:
sudo cd /Library/PostgreSQL/9.3/data/
runs the cd command under sudo. sudo actually runs a new instance of the shell (/bin/sh or whatever) then runs the command in the shell.
The current directory is a property of the current process. It is inherited by new child processes, but it changes do not get propagated up to parent processes.
What you've done is the equivalent of:
sh -c 'cd /tmp'
It makes a new shell, cds to a location, then exits. The effect of the cd only affects that shell, So it effectively did nothing.
What you should do instead is use sudo to open the file in your text editor by absolute path, e.g.:
sudo nano /Library/PostgreSQL/9.3/data/pg_hba.conf
(nano is a simple and user-friendly command line text editor; I'm assuming you don't know how to use vi given this question.)
I have a resque worker which will run some shell command.
for example
ruby
`sudo echo "XXX" >> xx.log`
but when worker run, will raise below error
sudo: no tty present and no askpass program specified
I have add 'whoami' debug code to find which user run this sudo command,
and also set this user's group "test" when execute command will don't need password.
I'm also run same command in shell console, it works right, don't need input password.
sudo visudo
%test ALL=NOPASSWD:ALL
but when the worker run sudo, will says above error, require input password.
Who can tell me why?
Thanks.
I am really hesitant to offer this as a "fix" because #AJcodez asks correctly, "why do you need sudo?" However, you can probably get around the tty requirement by adding the following:
Defaults requiretty
Defaults: %test !requiretty
to the /etc/sudoers file, but please use the visudo command. Also, is test here a user or a group? I also suspect that your sudoers line is malformed. The syntax is:
jane ALL=(LIST_OF_COMMANDS) NOPASSWD: ALL
Where you seem to have it set to run the NOPASSWD setting for all zero commands the %test group can run. Or I could be misunderstanding your paste here.
I am trying to execute a command like this from a Ruby on Rails app:
sudo service squid3 restart
If i try it with this code:
output = ´sudo service squid3 retsart´
It don't work, in the console i see that linux asks the password.
How can i pass a password with this command? Or other suggestions...
You can add the following line to your sudoers file (/etc/sudoers)
rails_user ALL=(root) NOPASSWD:/usr/sbin/service
This will basically let the rails_user user execute the service command as sudo, and the system won't ask you for a password.
rails_user should be replaced with whatever user that you are running your rails process under. And you should also make sure that
Defaults requiretty
is not present in your /etc/sudoers. If not you won't be able use sudo from a script.
You can try the sudo -S flag if available on you system (check man):
echo secretPasswd | sudo -S service squid3 restart
This means that the password will be in clear so you can add the user which needs to perform the task to the sudoers (which creates another security issue by the way).
Does your sudo have a -A switch?
-A
Normally, if sudo requires a password, it will read it from the current terminal. If the -A (askpass) option is specified, a helper program is executed to read the user's password and output the password to the standard output. If the SUDO_ASKPASS environment variable is set, it specifies the path to the helper program. Otherwise, the value specified by the askpass option in sudoers(5) is used.
I wouldn't recommend having the password available in any way to your web server processes though so you'd want to use the sudoers file.
You can use the expect method to catch the password prompt and send the password. However, it might be a better idea to allow your Rails user access to the service command without a password using the NOPASSWD option in /etc/sudoers.