Hi Tim, On Wed, Nov 14, 2012 at 5:48 AM, Tim T. <[email protected]> wrote:
> I want to install software remotely, using some python scripting. I can > create a user and allow all commands through sudo. However, I don't want to > leave this account as an available login for others. > > Setting the shell to /sbin/nologin stops the sudo command from executing. > Using /bin/false and /bin/true also don't work. Can you post an example of both your fabfile & the (full!) output from your run? There's a few possible reasons and it'd be helpful to rule some out. I can't recreate this on a Debian system, but I know the default sudoers configs differ a bit between distros. On Fri, Nov 23, 2012 at 12:01 AM, Chris Withers <[email protected]> wrote: > Didn't realise the client could specify what shell it wanted to use, > wouldn't this be a bit of a security hole? This is about a Fabric specific shell "wrapper" -- a command Fabric wraps run()'s argument in, not the actual login shell of the user (which isn't typically invoked. See e.g. http://docs.fabfile.org/en/1.5/usage/env.html#shell . Best, Jeff -- Jeff Forcier Unix sysadmin; Python/Ruby engineer http://bitprophet.org _______________________________________________ Fab-user mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/fab-user
