rundeck on the local system - sudo: sorry, you must have a tty to run sudo

[Craig White]

54 systems, no problem. If I try to run this simple test on the rundeck server itself, I have a problem.

First, I run the command much the same as rundeck and it works.

$ ssh rundeck@localhost '/bin/sh -c "sudo -l"'

Matching Defaults entries for rundeck on this host:

    !requiretty, requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin, !requiretty

User rundeck may run the following commands on this host:

    (ALL) NOPASSWD: ALL

This system was setup the same as all of the others and shouldn't be getting that 'must have a tty to run sudo' error so I ended up editing sudoers and adding 'Defaults:rundeck  !requiretty' which is why you see the first !requiretty in the output above.

But when I execute the command from within the rundeck UI, this is what the verbose logs say (times trimmed out)...

[workflow] Begin execution: rundeck-workflow-node-first context: null

preparing for sequential execution on 1 nodes

Executing command on node: run001.stt.local, NodeEntryImpl{tags=[rundeck], attributes={tags=rundeck, osVers=2.6.32-431.40.1.el6.x86_64, username=rundeck, osArch=x86_64, file-copy-destination-dir=/tmp, description=Last updated 2014-12-31 13:16:13, hostname=run001.stt.local, nodename=run001.stt.local, osName=Linux}, project='null'}

NodeSet: MultiNodeSelector{nodenames=[run001.stt.local]}

Workflow: com.dtolabs.rundeck.core.execution.workflow.StepFirstWorkflowStrategy$stepFirstWrapper@146b82d9

data context:  {node={tags=rundeck, osVers=2.6.32-431.40.1.el6.x86_64, username=rundeck, os-version=, file-copy-destination-dir=/tmp, description=Last updated 2014-12-31 13:16:13, name=run001.stt.local, os-arch=x86_64, hostname=run001.stt.local, os-name=Linux, os-family=}, job={loglevel=DEBUG, wasRetry=false, url=https://run001.stt.local:4440/project/Infrastructure/execution/follow/191, id=8c610692-8bf8-4831-988c-286a4f131ba7, project=Infrastructure, username=craig.white, retryAttempt=0, user.name=craig.white, name=Sudo check, serverUUID=null, group=null, execid=191, serverUrl=https://run001.stt.local:4440/}, option={}}

[workflow] Begin step: 1,NodeDispatch

1: Workflow step executing: com.dtolabs.rundeck.execution.ExecutionItemFactory$4@38e9c8ce

preparing for sequential execution on 1 nodes

Executing command on node: run001.stt.local, NodeEntryImpl{tags=[rundeck], attributes={tags=rundeck, osVers=2.6.32-431.40.1.el6.x86_64, username=rundeck, osArch=x86_64, file-copy-destination-dir=/tmp, description=Last updated 2014-12-31 13:16:13, hostname=run001.stt.local, nodename=run001.stt.local, osName=Linux}, project='null'}

[workflow] beginExecuteNodeStep(run001.stt.local): NodeDispatch: com.dtolabs.rundeck.execution.ExecutionItemFactory$4@38e9c8ce

Current OS is Linux

Adding reference: ant.PropertyHelper

Project base dir set to: /var/lib/rundeck

Setting environment variable: RD_JOB_URL=https://run001.stt.local:4440/project/Infrastructure/execution/follow/191

Setting environment variable: RD_NODE_DESCRIPTION=Last updated 2014-12-31 13:16:13

Setting environment variable: RD_NODE_OS_ARCH=x86_64

Setting environment variable: RD_JOB_NAME=Sudo check

Setting environment variable: RD_JOB_WASRETRY=false

Setting environment variable: RD_JOB_ID=8c610692-8bf8-4831-988c-286a4f131ba7

Setting environment variable: RD_JOB_RETRYATTEMPT=0

Setting environment variable: RD_JOB_EXECID=191

Setting environment variable: RD_NODE_HOSTNAME=run001.stt.local

Setting environment variable: RD_NODE_TAGS=rundeck

Setting environment variable: RD_JOB_SERVERURL=https://run001.stt.local:4440/

Setting environment variable: RD_JOB_PROJECT=Infrastructure

Setting environment variable: RD_NODE_NAME=run001.stt.local

Setting environment variable: RD_JOB_USER_NAME=craig.white

Setting environment variable: RD_JOB_LOGLEVEL=DEBUG

Setting environment variable: RD_NODE_OS_VERSION=

Setting environment variable: RD_NODE_USERNAME=rundeck

Setting environment variable: RD_NODE_OSVERS=2.6.32-431.40.1.el6.x86_64

Setting environment variable: RD_NODE_OS_FAMILY=

Setting environment variable: RD_JOB_USERNAME=craig.white

Setting environment variable: RD_NODE_FILE_COPY_DESTINATION_DIR=/tmp

Setting environment variable: RD_NODE_OS_NAME=Linux

Executing '/bin/sh' with arguments:'-c'

'sudo -l'

The ' characters around the executable and arguments are

not part of the command.

Execute:Java13CommandLauncher: Executing '/bin/sh' with arguments:'-c'

'sudo -l'

The ' characters around the executable and arguments are

not part of the command.

sudo: sorry, you must have a tty to run sudo

Setting project property: 1423508773578.node.run001.stt.local.LocalNodeExecutor.result -> 1

Result: 1

Failed: NonZeroResultCode: Result code was 1

[workflow] finishExecuteNodeStep(run001.stt.local): NodeDispatch: NonZeroResultCode: Result code was 1

1: Workflow step finished, result: Dispatch failed on 1 nodes: [run001.stt.local: NonZeroResultCode: Result code was 1]

[workflow] Finish step: 1,NodeDispatch

[workflow] Finish execution:  rundeck-workflow-node-first: [Workflow step failures: {1=Dispatch failed on 1 nodes: [run001.stt.local: NonZeroResultCode: Result code was 1]}, Node failures: {run001.stt.local=[NonZeroResultCode: Result code was 1]}]

[Workflow step failures: {1=Dispatch failed on 1 nodes: [run001.stt.local: NonZeroResultCode: Result code was 1]}, Node failures: {run001.stt.local=[NonZeroResultCode: Result code was 1]}]

Execution failed: 191: [Workflow step failures: {1=Dispatch failed on 1 nodes: [run001.stt.local: NonZeroResultCode: Result code was 1]}, Node failures: {run001.stt.local=[NonZeroResultCode: Result code was 1]}]

Why just on this system?  Same RHEL 6.6 as the others.

[Moses Lei]

Does this go away if you create a new node entry for the RunDeck server, and execute against that?

If so then it's a problem with the environment not being inherited in the same way between the local executor and the remote ssh executor. 

Moses Lei

--
You received this message because you are subscribed to the Google Groups "rundeck-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rundeck-discu...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Craig White]

yes, the error doesn't occur with another entry for the same node using the ip address as the hostname instead of the actual hostname.

I'm not so sure what you mean by 'it's a problem with the environment not being inherited in the same way between the local executor and the remote ssh executor' though. I'm studying the comment for clues.

[Moses Lei]

Rundeck's local executor forks from the java process that runs Rundeck. Because it does not start an ssh session, it behaves differently from when one opens an ssh session on the node. That said, I'm not sure why particularly sudo would behave differently since presumably it's reading from the same sudoers file. The only thing I can think of is that maybe sudo caches its credentials once you run it once. Have you restarted RD since you added "rundeck !requiretty"?

Moses

--

Moses Lei

Principal, Village Chime LLC

mobile: +1 703 901 5969 | skype: moseslei | yahoo: moseslei

[Craig White]

Restarting rundeckd didn't change the outcome but I guess you are highlighting the problem in that it doesn't actually start an ssh session. I removed all of the 'add server node' checks fearing that was the trigger for not actually doing an SSH session but it seems to key on the 'name' (not necessarily 'hostname') in resources.xml so I almost have to lie and make the name not match and set the hostname to something like IP address for it to actually force it onto an SSH session which did seem to work.

Thanks

[Greg Schueler]

you can force local node to use ssh, set the following node attributes:

local-node-executor="jsch-ssh"

local-file-copier="jsch-scp"

make sure username/hostname and keyfile location are appropriate

-- 
Greg Schueler

[Craig White]

Awesome - I get it now. Thanks

[Ashish Mishra]

Where do I add them? in the project.properties ?

[Alex Honor]

Ashish,

Set it for the rundeck server node in the resources.xml file for the project.

Thanks

To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/8ed2bffd-d6d1-4de3-8343-af2cd3ae7f20%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Alex Honor

[SimplifyOps, Inc | a...@simplifyops.com ]

Be sure to comment and vote on Rundeck Feature Development!