On Sep 8, 2009, at 3:06 PM, Alan Hawrylyshen wrote:
On Sep 8, 2009, at 11:59 , Jeff Forcier wrote:
Secondly, I'm not sure offhand why it would complain unless your
server has an oddball sudoers setup. Have you worked with sudo
before?
Are you sure the account you're connecting as has sudoers permissions
(e.g. is in the 'admin' or 'wheel' group)?
Actually, it sounds like Tom has specifically cranked down the
access for sudo.
Yes, that's exactly right. My sudoers line is:
%staff ALL=NOPASSWD: /etc/init.d/apache2,/etc/init.d/memcache,/etc/
init.d/postgresql-8.3
I don't see much point in using sudo if you need access to /bin/bash,
might as well just ssh as root.
(...)
Can fabric be configured to dispense with the shell wrapper?
I suspect this is a deep and complex issue; but it is well worth
discussing.
Tom; It might be possible to build a custom shell that would work in
place of bash that restricted the sub-commands.
Cant' fabric just execute sudo remotely instead of using bash to
execute sudo?
(Granted, I'm speaking fairly ignorantly, I haven't even glanced at
the internals.)
-Tom
_______________________________________________
Fab-user mailing list
Fab-user@nongnu.org
http://lists.nongnu.org/mailman/listinfo/fab-user
