Unset requiretty if it exists in sudoers

Fedora sets requiretty globally by default. This makes sense for
interactive machines with lots of password typing, but is pretty
attrocious for machines that might need users who remotely sudo to do
things. Just remove the setting.

Change-Id: Ic32bd92061a73f854683cc0d2d8919071dabe8cf
This commit is contained in:
Monty Taylor 2014-11-28 11:35:00 -05:00
parent 019196ef7f
commit bec83686f4
3 changed files with 12 additions and 16 deletions

View File

@ -1,8 +0,0 @@
#!/bin/bash
set -eu
set -o pipefail
# heat-admin can not sudo without a tty by default
echo 'Defaults:heat-admin !requiretty' >> /etc/sudoers.d/heat-admin-notty
chmod 0440 /etc/sudoers.d/heat-admin-notty
visudo -c

View File

@ -1,8 +0,0 @@
#!/bin/bash
set -eu
set -o pipefail
# root can not sudo without a tty by default.
echo "Defaults:root !requiretty" >> /etc/sudoers.d/root-notty
chmod 0440 /etc/sudoers.d/root-notty
visudo -c

View File

@ -0,0 +1,12 @@
#!/bin/bash
set -eu
set -o pipefail
# Fedora sets requiretty by default, which while great for machines that are
# going to see a lot of passwords sent over the wire because of interactive
# activity, that's not how we're using these. Remove the setting, and the
# comments about it
sed -i -e '/^Defaults\s*requiretty/d' -e '/Disable "ssh hostname/d' /etc/sudoers
sed -i -e '/You have to run/d' /etc/sudoers
visudo -c