Unset requiretty if it exists in sudoers
Fedora sets requiretty globally by default. This makes sense for interactive machines with lots of password typing, but is pretty attrocious for machines that might need users who remotely sudo to do things. Just remove the setting. Change-Id: Ic32bd92061a73f854683cc0d2d8919071dabe8cf
This commit is contained in:
parent
019196ef7f
commit
bec83686f4
@ -1,8 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
# heat-admin can not sudo without a tty by default
|
||||
echo 'Defaults:heat-admin !requiretty' >> /etc/sudoers.d/heat-admin-notty
|
||||
chmod 0440 /etc/sudoers.d/heat-admin-notty
|
||||
visudo -c
|
@ -1,8 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
# root can not sudo without a tty by default.
|
||||
echo "Defaults:root !requiretty" >> /etc/sudoers.d/root-notty
|
||||
chmod 0440 /etc/sudoers.d/root-notty
|
||||
visudo -c
|
12
elements/rpm-distro/pre-install.d/00-fix-requiretty
Executable file
12
elements/rpm-distro/pre-install.d/00-fix-requiretty
Executable file
@ -0,0 +1,12 @@
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
# Fedora sets requiretty by default, which while great for machines that are
|
||||
# going to see a lot of passwords sent over the wire because of interactive
|
||||
# activity, that's not how we're using these. Remove the setting, and the
|
||||
# comments about it
|
||||
|
||||
sed -i -e '/^Defaults\s*requiretty/d' -e '/Disable "ssh hostname/d' /etc/sudoers
|
||||
sed -i -e '/You have to run/d' /etc/sudoers
|
||||
visudo -c
|
Loading…
Reference in New Issue
Block a user