Tim, If you use `visudo` it's as easy as doing something like:
Cmnd_Alias DEPLOY_CMDS=/usr/bin/whatever, /usr/sbin/whatever-else %deployers (ALL);NOPASSWD; DEPLOYCMDS Check the exact syntax (sorry, no time to look it up, and that above is definitely wrong!) but it grants passwordless access to select white-listed commands to members of certain groups, which is a secure-enough solution I think. Beware for security reasons of granting `nopasswd sudo` to utils like `find` (which have an -exec option) - for the paranoid, that is. - Lee On 13 May 2011 13:02, Tim Uckun <[email protected]> wrote: > On Fri, May 13, 2011 at 6:21 PM, Lee Hambley <[email protected]> > wrote: > > You should endeavor to ensure that your deploy user can deploy without > > requiring 'sudo; in preference to configuring a prompt. (which can be > done > > very easily, check the docs and google.) > > > > My applications do deploy without sudo. I just wanted to run some one > off commands on the servers and thought I would try cap shell for the > first time instead of logging into each server and doing it manually. > > I googled around quite a bit but could not find any solutions. Most > posts are from 2007 and 2008 for some reason. > > Is it a difficult thing to set up? As I said ideally I could set the > password in the shell so that I don't have to type it for every server > and every command. > > Cheers. > > -- > * You received this message because you are subscribed to the Google Groups > "Capistrano" group. > * To post to this group, send email to [email protected] > * To unsubscribe from this group, send email to > [email protected] For more options, visit this group > at http://groups.google.com/group/capistrano?hl=en > -- * You received this message because you are subscribed to the Google Groups "Capistrano" group. * To post to this group, send email to [email protected] * To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/capistrano?hl=en
