[
https://issues.apache.org/jira/browse/JCLOUDS-973?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Yavor Yanchev updated JCLOUDS-973:
----------------------------------
Description:
Some older Suse versions have a configuration which prevents provisioning of
VMs with jclouds.
One such version is Suse Enterprise Linux 11. Its default PATH configuration
for ordinary users is missing privileged paths such as */usr/sbin* and */sbin*.
The problem is explained with more details at:
https://features.opensuse.org/310406
Current configuration for sudo created by jclouds
{code}
# cat /etc/sudoers
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
{code}
It needs superuser paths to be part of the default user PATH configuration.
This is the case for RedHat- and Debian-derivatives, but not for SLES 11
If jclouds' configuration for sudo is extended with the following the
parameters:
{code}
Defaults env_reset
Defaults
secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
{code}
So it creates /etc/sudoers like:
{code}
Defaults env_reset
Defaults
secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
{code}
It will retain full backward compatibility and provide workaround for Suse
deployments where sudo is needed and/or used.
Adding the parameters will not change the current behavior. It will just make
it more explicit, because
1. By default, the env_reset option is enabled
2. secure_path parameter is already used by most of the Linux distributions
was:
Some older Suse versions have a configuration which prevents provisioning of
VMs with jclouds.
One such version is Suse Enterprise Linux 11. Its default PATH configuration
for ordinary users is missing privileged paths such as */usr/sbin* and */sbin*.
The problem is explained with more details at:
https://features.opensuse.org/310406
Current configuration for sudo created by jclouds
# cat /etc/sudoers
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
{code}
It needs superuser paths to be part of the default user PATH configuration.
This is the case for RedHat- and Debian-derivatives, but not for SLES 11
If jclouds' configuration for sudo is extended with the following the
parameters:
{code}
Defaults env_reset
Defaults
secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
{code}
So it creates /etc/sudoers like:
{code}
Defaults env_reset
Defaults
secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
root ALL = (ALL) ALL
%wheel ALL = (ALL) NOPASSWD:ALL
{code}
It will retain full backward compatibility and provide workaround for Suse
deployments where sudo is needed and/or used.
Adding the parameters will not change the current behavior. It will just make
it more explicit, because
1. By default, the env_reset option is enabled
2. secure_path parameter is already used by most of the Linux distributions
> Sudo configuration for Suse Enterprise which prevents execution of superuser
> commands
> -------------------------------------------------------------------------------------
>
> Key: JCLOUDS-973
> URL: https://issues.apache.org/jira/browse/JCLOUDS-973
> Project: jclouds
> Issue Type: Bug
> Affects Versions: 2.0.0, 1.9.0
> Environment: Suse Enterprise Linux 11 SP3 on AWS
> Reporter: Yavor Yanchev
>
> Some older Suse versions have a configuration which prevents provisioning of
> VMs with jclouds.
> One such version is Suse Enterprise Linux 11. Its default PATH configuration
> for ordinary users is missing privileged paths such as */usr/sbin* and
> */sbin*.
> The problem is explained with more details at:
> https://features.opensuse.org/310406
> Current configuration for sudo created by jclouds
> {code}
> # cat /etc/sudoers
> root ALL = (ALL) ALL
> %wheel ALL = (ALL) NOPASSWD:ALL
> {code}
> It needs superuser paths to be part of the default user PATH configuration.
> This is the case for RedHat- and Debian-derivatives, but not for SLES 11
> If jclouds' configuration for sudo is extended with the following the
> parameters:
> {code}
> Defaults env_reset
> Defaults
> secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
> {code}
> So it creates /etc/sudoers like:
> {code}
> Defaults env_reset
> Defaults
> secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
> root ALL = (ALL) ALL
> %wheel ALL = (ALL) NOPASSWD:ALL
> {code}
> It will retain full backward compatibility and provide workaround for Suse
> deployments where sudo is needed and/or used.
> Adding the parameters will not change the current behavior. It will just make
> it more explicit, because
> 1. By default, the env_reset option is enabled
> 2. secure_path parameter is already used by most of the Linux distributions
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
