rundeck sudo: no tty present and no askpass program specified

Question

I am working on rundeck server. where i added remote node & try to run the script on remote node.

#!/bin/bash
cat /etc/os-release
sed -i  '/#DNS=/c DNS=8.8.8.8' /etc/systemd/resolved.conf && sudo systemctl restart systemd-resolved.service

when i run this job, its stuck & after killing the job manually.

output

NAME="Ubuntu"
VERSION="18.04.6 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.6 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
Failed: Interrupted: Connection was interrupted
[sudo] password for anas:

resource.xml

I also tried many other attributes like:

sudo-prompt-pattern="^.*password.*"  

sudo-password-option="option.sudoPassword"  

sudo-command-pattern="^sudo .+? sudo .*$"  

sudo-command-enabled="true"  

always-set-pty="true" 

sudo2-command-enabled="true" 

sudo2-command-pattern="^sudo .+? sudo .*$"

Rundeck version

Rundeck 4.7.0

Can anyone explain, what i'm missing?

MegaDrive68k · Accepted Answer

I replicated your scenario and your issue. Checking your model source entry, I'm sure that you want to use an option as a password to authenticate and execute the sudo commands, let me share a node entry and job definition example:

Node definition example (tested on remote Ubuntu 22.04 and Rocky Linux 8 servers):

As you see, the sudo-command-pattern is different and you need to add the sudo-prompt-pattern attribute which "receives" the sudo prompt to put the password automatically.

Job Definition Example:

- defaultTab: nodes
  description: ''
  executionEnabled: true
  id: 57262967-00f1-4e5e-b872-57ace765daee
  loglevel: INFO
  name: TestSUDO
  nodeFilterEditable: false
  nodefilters:
    dispatch:
      excludePrecedence: true
      keepgoing: false
      rankOrder: ascending
      successOnEmptyNodeFilter: false
      threadcount: '1'
    filter: 'name: ubuntu '
  nodesSelectedByDefault: true
  options:
  - name: sudoPassword
    required: true
    secure: true
  plugins:
    ExecutionLifecycle: null
  scheduleEnabled: true
  sequence:
    commands:
    - description: 'first test: using the command step'
      exec: sudo whoami
    - description: 'second test: on script step'
      fileExtension: .sh
      interpreterArgsQuoted: false
      script: |
        sudo whoami
      scriptInterpreter: sudo /bin/bash
    keepgoing: false
    strategy: sequential
  uuid: 57262967-00f1-4e5e-b872-57ace765daee

Some things to consider:

The option named in the sudo-password-option node entry (sudoPassword on the job), must be a Secure Remote Authentication Option.
The sudo attributes work flawlessly on command steps, that's a little different on script steps (next point).
On Script steps (like your use-case), it needs to define the sudo command in the Invocation String textbox (Edit your job > Go to your script step > click on the Advanced link > Invocation string), in my case, I used sudo /bin/bash with .sh as File Extension.

Check the result here.

rundeck sudo: no tty present and no askpass program specified

Answers (1)

Related Questions