Sudo from scripts
Jerry Feldman
gaf at blu.org
Sun Nov 9 12:58:33 UTC 2008
On 11/08/2008 10:43 AM, Todd Zullinger wrote:
> Jerry Feldman wrote:
>
>> Over the years I have used sudo from some of my scripts (RHEL 3 and
>> 4, SuSE (5-11), but I found in Fedora 9 (and CentOS 5.2) that sudo
>> will fail:
>>
>> sudo: sorry, you must have a tty to run sudo
>>
>> In this particular case it was run on a CentOS 5.2 system, but I had
>> the same issue with Fedora 9. In both cases the user account was set
>> to NOPASSWD. Actually, on my home system it was my nightly backup
>> script I run from my crontab.
>>
>> There are certainly some easy workarounds, such as running these
>> scripts from root's cron (cron.daily, cron.weekly, ...), or writing
>> my own sudo command (which I've done before Sudo arrived).
>>
>> Is there now a setting where I can run sudo non-interactively, or is
>> this a new security restriction.
>>
>
> It is, as mentioned in /etc/sudoers:
>
> #
> # Disable "ssh hostname sudo <cmd>", because it will show the password
> # in clear.
> # You have to run "ssh -t hostname sudo <cmd>".
> #
> Defaults requiretty
>
> I don't know if there's a good way to run things via cron and convince
> sudo that you have a tty. If not, you might just comment out the
> requiretty setting.
>
>
Thanks.
--
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB CA3B 4607 4319 537C 5846
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20081109/b5965eea/attachment-0001.bin
More information about the users
mailing list