I have set up a CI build server using the GitHub Actions self-hosted runner instructions. Everything works fine until it reaches this instruction:
sudo xcode-select -switch /Applications/Xcode_11.5.app
it asks for my password inside the macOS Terminal. This defeats the purpose of a build server if I have to type in my password every single time this job runs. I've tried configuring the runner as a service but when I did that the job completely failed because it needs a terminal to ask for the password.
Is there a way to set the password so the runner stops asking me every single time?
You can try to remove the sudo command.
The following worked for me by editing the visudo file
do use this with caution as you are making sudo passwordless
Editing visudo
╰─ sudo EDITOR=vi visudo
Commenting the %admin line and adding the following line
╰─ sudo cat /etc/sudoers | grep admin
# %admin ALL = (ALL) ALL
%admin ALL=(ALL) NOPASSWD: ALL
In case you get locked out of sudo, the following will help.
Locked out of sudo ?
Related
I'm on Mac OSX and I've always had to run the gcloud command with sudo. I can usually work around it, but it has started to cause me some issues. I tried following this answer here, but I am not sure where the gcloud command gets called from. It's not in /usr/bin.
I have found that my gcloud sdk is installed at /Users/Max/Desktop/google-cloud-sdk/, and I have tried adding /bin/gcloud and '/lib/gcloud.py' from that path. No luck! Any idea how I can give NOPASSWD permissions to this command?
I'm on macOS and my issue was that my google-cloud-sdk install folder and it's config folder at ~/.config/gcloud were owned by root. The fix is to sudo chown -R <your-username> google-cloud-skd and sudo chown -R <your-username> ~/.config/gcloud. And done: no more sudo.
I was able to resolve this issue myself. This article was very helpful. Ultimately, you just have to add sudo privileges to the gcloud command. You will have to give those permissions by running sudo visudo and adding a line in the following format:
<yourusername> ALL=NOPASSWD: <command1>, <command2>
Mine line ended up looking like this:
Max ALL=NOPASSWD: /Users/Max/Desktop/google-cloud-sdk/bin/gcloud
The part that tripped me up was figuring out where the gcloud command was installed. You have to add that path at the end of the permissions. You can find out where it is installed by running which gcloud.
I installed elasticsearch this way :
retrieved the tar.gz on windows, extracted it and put it on a zip
uploaded the zip over ssh on a server and use 'unzip file' to unzip it.
I modified the elasticsearch file so that it has this line
export JAVA_HOME = "/home/xxx/project1/jdk1.8.0_73_linux64"
just below
#!/bin/sh
now when I go into /home/xxx/project1/elasticsearch/bin and type
./elasticsearch
I get
-bash: ./elasticsearch: Permission denied
What could I do to get more information about the problem?
I'm logged as user xxx
Thanks.
The problem is, that you've installed elastic being logged in as root. Now you're surely logged in as not root. If you're working as a user with root privileges, you potentially could start elastic, but it tells you, you can't run in as root. The owner of your elastic folder is root (he installed it). So, all you need to do is to change the owner of a folder to your xxx-user (to let him run elastic). You can easily do it executing a command:
chown -R new_owner path
for example, user is xxx and path is /opt/elasticsearch-2.3.5:
chown -R xxx /opt/elasticsearch-2.3.5
"-R" parameter ensures, that not only folder, but all files inside will recursively change the owner you provide.
Try to install using the package Yum Install for elasticsearch.
Else try: Its sounds like the user permission to access the files.
Ensure that you have downloaded the linux distribution (Optional) Since you have mentioned its tar.gz.
If you have extracted using sudo command then you need to change the user permission for elasticsearch folder to logged in user OR start the elasticsearch using sudo command
sudo ./elasticsearch -d
Check the execution permission if not please do the same by following command
sudo chmod +x /home/xxx/project1/elasticsearch/bin/elasticsearch.sh
Try this things if not please create a chat window and invite me.
Looking ahead I will immediately say that the ES app doesn't work using the sudo
In my case with ES 6.8.1 version on ubuntu i solved the problem using this steps:
Add the current user(or any other) to ES group:
sudo adduser <yourName> elasticsearch
Add possibility to execute ES:
sudo chmod +x /usr/share/elasticsearch/bin/elasticsearch
Then i changed owner of some paths**, in my case these were:
sudo chown -R <yourName>:elasticsearch /etc/default/elasticsearch
sudo chown -R <yourName>:elasticsearch /etc/elasticsearch
sudo chown -R <yourName>:elasticsearch /var/log/elasticsearch
**I started the application several times and then looked where I had no permission
Then i started ./usr/share/elasticsearch/bin/elasticsearch and saw the long-awaited JSON on port 9200 :)
Hope this will help someone.
I recently installed Arch Linux on my Raspberry Pi and, after logging in as root and creating myself a user account I tried to use the sudo command. This was the result:
[phillipus#alarmpi home]$ sudo mkdir Public
bash: sudo: command not found
After searching for the problem, I logged in as root and executed pacman -S sudo. This was followed by a long output and a confirmation of installation. Following this, I retried to use sudo both as root and as my user, both times getting the same response. Following another solution to the problem, I tried to add myself to /etc/sudoers, only to find out that it didn't exist.
I am not very experienced with Linux, so could you please try to explain your responses fully?
First, you need to install the sudo package to use sudo:
pacman -S sudo
After that, you need to edit the sudoers file and add your username to it.
You can add yor user to the wheel group using usermod -G wheel yourusername and uncomment the %wheel ALL=(ALL) ALLline in the sudoers file. For more information, have a look at Sudo - ArchWiki
BACKGROUND:
I have an application that is freshly deployed every day -- a VM is created, and then root for that system creates a "systemuser", which then installs the application.
It's running:
CentOS 6
RVM
Ruby 1.8.7 on Rails
passenger
The way it's set up, I have to have Ruby on Rails install itself, and install passenger. To this end the user running the service has sudo powers, but the intention is to only allow the commands needed during installation. For security and maintainability reasons we cannot put the sudo password in the script.
my /etc/sudoers includes:
systemuser ALL = NOPASSWD: /usr/bin/env, /bin/bash, /usr/local/rvm/rubies/ruby-1.8.7-p358/bin/gem, /bin/cp, /bin/ln, /bin/mv, /bin/rm, /etc/init.d/httpd *
THE PROBLEM:
Until recently a variant of this worked great. However recently something changed somewhere (?) and the rvmsudo command no longer executes without a password prompt.
$ rvmsudo passenger-install-apache2-module
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for systemuser:
THE QUESTION:
What is the minimal set of commands that should be in /etc/sudoers to install rvm, ruby, bundler/gem, and then passenger2 on apache?
Yes, I've read the "documentation" at https://rvm.io/integration/passenger/
Creative solutions welcomed! I realize one may say this looks like a pretty hacky system, and I'd agree with you. But at the moment it's hard for me to improve it without understanding what commands are being run by this passenger install script.
Removing "env" and "bash" from the front and adding "rvm" gets a little farther:
systemuser ALL = NOPASSWD: /usr/local/rvm/bin/rvmsudo, /usr/local/rvm/gems/ruby-1.8.7-p358/bin/passenger-install-apache2-module, /bin/cp, /bin/ln, /bin/mv, /bin/rm, /etc/init.d/httpd *
running this:
$ rvmsudo passenger-install-apache2-module
[sudo] password for systemuser:
Thanks for your attention!
/usr/bin/env is a router allowing to run any command, the same for /bin/bash, you would have to add which passenger-install-apache2-module instead of them.
I am trying to run a bash script on a MacOSX Node (master is on windows) through hudson,
but get 'Operation not permitted' when script invokes sudo command (su as well).
I added the following line to
/etc/sudoers:
'user' ALL:(ALL) NOPASSWD: ALL
'user' is logged on the Mac Node, java agent started with the same user.
still getting this error...
any idea ?
Is it possible your syntax is wrong? On my OSX 10.6 I have:
username ALL=(ALL) NOPASSWD: ALL
Note the equals vs. colon. I have no problem running sudo tasks either with Hudson or from command-line.