[geeks] ansible - aws - nudge needed
Andrew Jones
andrew at jones.ec
Mon Jun 17 10:03:38 CDT 2013
For the record, you can force ssh to allocate a tty for a
non-interactive session with "ssh -tt"
I'm not sure what the sudo "requiretty" measure is supposed to prevent.
Sudoers mentions cron and cgi-bin as the threat models, but those
would be easily sidestepped by anyone with a brain.
On 06/17/2013 12:17 AM, Brian Dunbar wrote:
>
> Runs fine. Problem is when ansible-playbook runs 'download.sh' on server2
> it blows up with ..
>
> stderr: sudo: sorry, you must have a tty to run sudo
>
> Which is _fixable_ by removing that directive from sudoers on server2. But
> that's the way it comes from AWS and having to manually hack that file
> rather defeats the purpose of having ansible do stuff _for_ me.
More information about the geeks
mailing list