Sudo from scripts
Todd Zullinger
tmz at pobox.com
Sat Nov 8 15:43:11 UTC 2008
Jerry Feldman wrote:
> Over the years I have used sudo from some of my scripts (RHEL 3 and
> 4, SuSE (5-11), but I found in Fedora 9 (and CentOS 5.2) that sudo
> will fail:
>
> sudo: sorry, you must have a tty to run sudo
>
> In this particular case it was run on a CentOS 5.2 system, but I had
> the same issue with Fedora 9. In both cases the user account was set
> to NOPASSWD. Actually, on my home system it was my nightly backup
> script I run from my crontab.
>
> There are certainly some easy workarounds, such as running these
> scripts from root's cron (cron.daily, cron.weekly, ...), or writing
> my own sudo command (which I've done before Sudo arrived).
>
> Is there now a setting where I can run sudo non-interactively, or is
> this a new security restriction.
It is, as mentioned in /etc/sudoers:
#
# Disable "ssh hostname sudo <cmd>", because it will show the password
# in clear.
# You have to run "ssh -t hostname sudo <cmd>".
#
Defaults requiretty
I don't know if there's a good way to run things via cron and convince
sudo that you have a tty. If not, you might just comment out the
requiretty setting.
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Moral indignation is jealousy with a halo.
-- H. G. Wells
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20081108/421727be/attachment-0001.sig>
More information about the fedora-list
mailing list