Reputation: 1282
Execute a remote command after sudo - su anotheruser in Rundeck
I'm new with Rundeck and completely amazed with it and I'm trying to execute a job and my scenario is detailed bellow:
Rundeck is configured with ssh password less authentication between node Server (rundeck server) and node Target (remote Solaris host) for user "master".
In node Target I want to execute a script
/app/acme/stopApp.shwith userappmanager.Normally when I need to run the script above I manually proceed with:
ssh master@server
sudo su - appmanager
or simply
ssh -t master@server
sudo su - appmanager
works without password and finally run (as appmanager)
/app/acme/stopApp.sh
But I don't know how can I reproduce these steps using Rundeck. I read in some previous messages that for each job line rundeck uses a new ssh connection, so the workflow bellow always fails for me with the messages:
sudo: no tty present and no askpass program specified Remote command failed with exit status 1
Could someone please help me with this issue?
Without this functionality I wouldn't be able to introduce a little DevOps in my department. :-D
I read the user guide and admin guide but I couldn't find an easy example, neither in this forum, to follow.
I will appreciate your help.
Rundeck version is 1.4
Upvotes: 1
Views: 19381
Answers (2)
Reputation: 15972
Although your ssh login works without a password, you also need to configure sudo on your Target server so that it doesn't require a password.
Since you only need for the master user to be able to run commands as the appmanager user, you can handle this completely through sudo. In /etc/sudoers on Target, add:
master ALL=(appmanager) NOPASSWD: ALL
Then your ssh command becomes:
ssh -t master@server 'sudo -u appmanager /app/acme/stopApp.sh'
If you need environment setup that is normally handled by the appmanager login shell, you'll need to source that setup explicitly. (And I would argue that the deployment environment setup should not be confined to a login shell anyway.)
More details on how to let one user run commands as another user are in a ServerFault answer and the much denser sudoers man page.
Upvotes: 2
Reputation: 575
sudo su - appmanager
Tries to open a login shell, and therefore wants a real terminal. Remove the "-" to avoid this behavior. In the end, your command is going to look like
sudo su -c /app/acme/stopApp.sh appmanager
Upvotes: 4
Related Questions
- Rundeck 4.0.0 - Remote node command execution using ssh
- rundeck sudo: no tty present and no askpass program specified
- Rundeck user fails to switch user
- How to set a different Rundeck user in a scheduled job?
- Rundeck permission denied issue while executing a job in remote host machine
- Problem of running command from Rundeck (Linux)
- Rundeck: running command in remote server using ssh
- rundeck - switch to root user in job script
- sharing rundeck jobs between users
- Using Net::SSH Ruby library to remote command execution that requires sudo su - another user