sudo: sorry, you must have a tty to run sudo

[Kiran Gandhi]

Hi All,
I am trying to run a script to get service status RHEL5. I am using
sudo in the script to get the status but i am getting above error from
ctlcenter. when i run same command using ssh -t option, it is working
fine. Looks like controltier is not using -t option and also there is
no option to configure controltier to use -t option for ssh command.
Any help to resolve this without commenting Defaults requiretty in /
etc/sudoers.

Regards
Kiran

[Anthony Shortland]

Hi Kiran ... this is a known limitation of the JSch implementation in ControlTier (search the Google group for the history) ... one that has been dealt with in the node executor code in Rundeck (where you could literally replace the use of JSch with the OpenSSH client if you wished).

Anthony.

> --
> You received this message because you are subscribed to the Google Groups "ControlTier" group.
> To post to this group, send email to contr...@googlegroups.com
> To unsubscribe from this group, send email to controltier...@googlegroups.com
> For more options, visit this group at http://groups.google.com/group/controltier?hl=en
> http://wiki.controltier.org

[Kiran Gandhi]

Hi Anthony,
Thanks for the info. I will check on rundeck. Is there any way this is
getting fixed in controltier even may be a private patch will do.
Without tty, some of the remote executions are failing in my setup.

Regards,
Kiran

[Anthony Shortland]

You're welcome to jump into the code ... in fact I think there's a thread on this group that isolated the work to the need for a "hack" to the Ant SSHExec task (not directly in the ControlTier code itself) that would be needed to enable this.

No need for private patches ... we can collaborate on merging any ControlTier bug fixes and enhancements directly into the project.

Anthony.

[Moses Lei]

You can get around this by adding this to sudoers:

Defaults:deploy !requiretty 

Where deploy is the user that has the sudo access on the client machine.

Moses

--
Moses Lei
[ Professional Services | DTO Solutions, Inc. ]
[ mobile: +1 703.901.5969 | e-mail: ml...@dtosolutions.com | aim/gtalk: ml...@controltier.com | yahoo: moseslei | windows live (msn): ml...@dtosolutions.com ]

[Charles Scott]

somewhat off topic but has been bugging me

requiretty

What value does this provide other than:

forcing somebody to be logged in on a terminal and MANUALLY executing something and being completely counter-intutive to what automation is all about.

?

Perhaps requiretty forces some type of system logging on the target node and is perhaps one thing that I can think of.

[Anthony Shortland]

Ah! You're picking up on what Kiran mentioned earlier about the possible use of sudo to workaround this? This'll reduce the impact, you're right ...

On Feb 10, 2012, at 10:32 AM, Moses Lei wrote:

[Anthony Shortland]

Oh ... compelling benefit for me is signal propagation over the remote channel ... Ctrl-C locally and the signal is passed (via the tty) to the remote process group ... excellent!

[Charles Scott]

agreed that there is a benefit, most definitely the one you mentioned. 

I wonder if that's the reason why we see this configuration in place.  I tend to think it's for other reasons.