logo标签列表

当我尝试执行"cat /etc/chef/client.pem"命令时,Vagrant::Butcher出现了"sudo: no tty present and no askpass program specified"错误。

chef-infravagrantsudo
5

使用Vagrant 1.4.3和Vagrant::Butcher 2.1.5的Ubuntu 10.04.1 LTS。

在“vagrant up”结束时,我遇到以下错误:

...
[2014-03-17T22:50:56+00:00] INFO: Chef Run complete in 245.448117502 seconds
[2014-03-17T22:50:56+00:00] INFO: Running report handlers
[2014-03-17T22:50:56+00:00] INFO: Report handlers complete

[Butcher] Creating /home/testuser/vagrant_test/.vagrant/butcher
[Butcher] Failed to create /home/testuser/vagrant_test/.vagrant/butcher/DEV-35-51-client.pem: Vagrant::Errors::VagrantError - The following SSH command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!

cat /etc/chef/client.pem

Stdout from the command:



Stderr from the command:

sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts

厨师客户端已成功运行,我们的烹饪书籍都已安装。其中之一是“sudo”社区烹饪书,我在思考我们是否删除了vagrant用户需要执行cat以读取client.pem文件的条目。

有人能告诉我那可能是什么吗?

更新:

1)vagrant用户是“sudo”组的一部分:

$ grep sudo /etc/group
sudo:x:27:vagrant

2) sudoers文件包含一个条目,允许“sudo”用户组运行任何命令:

# This file is managed by Chef.
# Do NOT modify this file directly.

Defaults      env_reset
Defaults      secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# User privilege specification
root      ALL=(ALL:ALL) ALL
nagios    ALL=(ALL) NOPASSWD: /usr/local/nagios/libexec/


# Members of the group 'admin' may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo     ALL=(ALL:ALL) ALL

#includedir /etc/sudoers.d
那么,为什么不在vagrant-butcher插件上报告这个问题呢?https://github.com/cassianoleal/vagrant-butcher - sethvargo
“sudo” 组具有 sudo 访问权限,但不是无需密码的。@tmatilai 的答案似乎很准确。 - cassianoleal
2个回答
5
这实际上不是一个Vagrant-Butcher问题;那个插件只是第一个遇到这个问题的。任何后续的Vagrant操作也会失败。
Vagrant需要无需密码的sudo权限。看起来基础盒子在/etc/sudoers中声明了它,而你又用sudo cookbook覆盖了它。
你至少有以下几个选择:
1. 将node['authorization']['sudo']['passwordless']属性设置为true。 2. 根本不包括sudo cookbook的默认recipe。 3. 使用sudo LWRP授予vagrant用户无需密码的sudo访问权限。 4. 使用或构建一个已经使用/etc/sudoers.d/的基础盒子。
不是很确定为什么,但我必须做#1和#4。 - Chris
5

tmatilai已经非常好地解决了这个问题,但我想在这里发表我的解决方案以供将来参考。我发现与他提到的第三种选项相同的解决办法是为vagrant用户编写一个sudoers.d配置文件的配方。这迫使我修改sudo社区食谱,以支持SETENV选项。否则,您会收到以下错误:

sudo: sorry, you are not allowed to preserve the environment

生成的文件是/etc/sudoers.d/vagrant,请注意,它需要同时具有NOPASSWD和SETENV权限:
# This file is managed by Chef.
# Do NOT modify this file directly.

vagrant  ALL=(ALL) NOPASSWD:SETENV: /bin/

以下是我所做的更改:

文件:sudo/recipes/default.rb

# if the node belongs to the "development" environment, create a config file
# for the vagrant user, e.g. /etc/sudoers.d/vagrant
if node.chef_environment == 'development'
  sudo 'vagrant' do
    user      'vagrant'
    runas     'ALL'  # can run as any user
    host      'ALL'  # from any Host/IP
    nopasswd  true   # prepends the runas_spec with NOPASSWD
    setenv    true   # prepends the runas_spec with SETENV
    commands  ['/bin/']  # let the user run anything in /bin/ without a password
  end
end

File: sudo/resources/default.rb

# add new attribute "setenv"
attribute :setenv,     :equal_to => [true, false],  :default => false

# include it in the state_attrs list
state_attrs :commands,
            :group,
            :host,
            :nopasswd,
            :setenv,
            :runas,
            :template,
            :user,
            :variables

File: sudo/providers/default.rb

# in render_sudoer, add setenv to the variables list
variables     :sudoer => sudoer,
              :host => new_resource.host,
              :runas => new_resource.runas,
              :nopasswd => new_resource.nopasswd,
              :setenv => new_resource.setenv,
              :commands => new_resource.commands,
              :defaults => new_resource.defaults

文件:sudo/templates/default/sudoer.erb
# generate SETENV option in the config file entry
<% @commands.each do |command| -%>
<%= @sudoer %>  <%= @host %>=(<%= @runas %>) <%= 'NOPASSWD:' if @nopasswd %><%= 'SETENV:' if @setenv %> <%= command %>
<% end -%>
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接