AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() ![]() This entry was posted in Tips and tagged auth, rsync, ssh, sudo by dg12158. Yes, you could enable remote root login, but it would definitely be preferable to avoid that. Hooray, this works! Bit of a faff but it could be scripted or made into a shell function to save having to remember it □ # rsync -av -e 'ssh -X' -rsync-path='SUDO_ASKPASS=/usr/libexec/openssh/ssh-askpass sudo -A rsync' /some/local/path password: Detailed instructions are in WinSCP FAQ How do I change user after login (e.g. And make sure that the sudoers option requiretty is turned off. > sudo vim /etc/sudoers Depending on the user add at the bottom of the file: Apache can check lsof as root for cronlocalbatch.php apache ALLNOPASSWD:/. Plain Text clusterPreError.txt Download file clusterPreError. Make sure you enable password-less sudo to the sftp-server. Again sudo won’t have a tty to ask for the password on, so how about we use an X11 askpass program and enable X forwarding for ssh: PrevalidationCmdMsgs20010: 'Defaults requiretty' is commented in sudoers files FAILED Output:sudo: no tty present and no askpass program specified Thank you in advance. We’ll use /usr/libexec/openssh/ssh-askpass as that should pick an appropriate version according to what is available to sudo. We can find this with locate askpass on the remote locate askpass Fortunately there is a -A option for sudo which tells it to use an “askpass” program, but we also need to tell it what askpass program to use (and it’s not in the default path on most machines). So we need to tell sudo to ask for the password some other way. # rsync -av -e 'ssh -t' -rsync-path='sudo rsync' /some/local/path will not be allocated because stdin is not a password: Adding the -t option to the ssh used by rsync doesn’t work either, as it can’t allocate a tty: Oh, that didn’t work - sudo couldn’t ask us for a password. See SSH inside SSH fails with 'stdin: is not a tty' for a more detailed explanation. ![]() If you pass a command to ssh, it assumes that the command doesn't need a terminal and doesn't create one, unless you pass -t. The issue is caused by executing a sudo command which tries to request for a password, but sudo does not have access to. Rsync error: error in rsync protocol data stream (code 12) at io.c(632) 8 Answers Sorted by: 12 You need to have a terminal available to run sudo so that it can prompt you for the password. Basics of sudo, tty and askpass First, we’ll take a look at sudo. Additionally, we’ll learn how to fix this error. Rsync: connection unexpectedly closed (0 bytes received so far) Overview What does the sudo: no tty present and no askpass program specified error in Linux mean In this tutorial, we’ll answer this question by examining the sudo, tty, and askpass commands. Sudo: no tty present and no askpass program specified no tty present and no askpass program specified Ask Question Asked 1 year, 8 months ago Modified 1 year, 8 months ago Viewed 209 times 0 I have configured the /etc/sudoers file to include all files in the /etc/sudoers.d folder. # rsync -av -e 'ssh' -rsync-path='sudo rsync' /some/local/path password: # rsync -av -e 'ssh' /some/local/path works fine and prompts for the ssh password to log into the remote machine if required.īut what if the remote end needs root (or a different user) rights to write into the destination directory? Just whack in an -rsync-path option to add sudo to the rsync command, right?: The command was a python shell script that ran some of the above commands just adding the script name itself wasn't enough.Using rsync normally is nice and straightforward. For example, I just needed one command run and ended up changing it to this: erp ALL = NOPASSWD: /usr/sbin/serviceĮrp ALL = NOPASSWD: /usr/sbin/service nginx *Įrp ALL = NOPASSWD: /usr/sbin/service supervisord *Įrp ALL = NOPASSWD: /bin/systemctl * nginxĮrp ALL = NOPASSWD: /bin/systemctl * supervisordĮrp ALL = NOPASSWD: /usr/bin/supervisorctl The actual lines in your visudo file will probably be much more complicated, and may take some fiddling. To keep things secure, I'm not doing the ALL command that sysadmins that haven't been hacked yet recommend. In the interests of time, I'm just doing the visudo approach listed above. Sudo: no tty present and no askpass program specified This is what it looked like in the GitHub action log: # printf "***\n" | sudo -S myscript myparams uses: name: Use Node.js $\n" | sudo -S myscript myparams # Steps represent a sequence of tasks that will be executed as part of the job # The type of runner that the job will run on # This workflow contains a single job called "build" # A workflow run is made up of one or more jobs that can run sequentially or in parallel ![]() # Allows you to run this workflow manually from the Actions tabĭescription: 'repos built out for the job.' Hey so I have this github action for saving a package-lock and package.json file like so: # workflow that generates the package files for my webapp :) ![]()
0 Comments
Read More
Leave a Reply. |