Release Automation

Hi All,

I am using Run Command (SSH) action to execute the sudo command on remote host where CA agent is not installed but the action is not coming out with any result. it just show that "Process is Running."

Here is the action snapshot with all parameter, I need to create one tar file on remote host so that i need to execute the below command,

sudo su - abcd;tar -cvf <folder path to be archive>

Hi, please see the following post for sudo access with RA actions

Nolio Official KB: Run as User

Hi, 

I think the KB article describes how to run the action using sudo - which may be what you want. But, the way that it is described I don't think it is what you want. Configuring the action to use a specific user via the properties tab (in asap, settings tab in roc) would just change who was issuing the ssh command where the agent is running. It wouldn't get the ssh command itself to issue a command using sudo. 

Before you try and get the action to work I would recommend trying to get this to work manually from the agent machine. Doing it on a system here I found I could use the following to read a file owned by root with file permissions of 600:

ssh <my non root user>@<remote servername> "sudo cat /tmp/test.txt"

But, before I could get that to work I needed to change sudoers file. Specifically

From: Defaults    requiretty

To: Defaults    !requiretty

Otherwise you get an error:
sudo: sorry, you must have a tty to run sudo

Regards,

Gregg

Hi Gregg,

Do I need to make a changes in Sudoers files on system where agent is installed?

Hi,

First, to answer your question directly... No. On the remote machine.

Second, changing the default for all users might be an overkill. And an overkill that your admins don't accept. I have verified that using the following would work for the specific <my non root user> that you're using in the ssh command:

Defaults:<my non root user>    !requiretty

But, this may only be needed while running it manually. It was needed for me to run it manually. And the purpose of running it manually is to make sure that the command works as you expect it to work without having to parse through agent logs, etc.. Once you have gotten it to work then:

a. you know what command to use successfully via the action; and

b. you might be able to remove that entry based on some of the other agent fields (like force tty). I haven't tried the action with/without these sudo settings so your findings would be much appreciated. 

Also, I'm taking a closer look at the command you're running (sudo su - <username>; tar -cvf abc.tar abc/). I think the command will have a problem all by itself. It does if I try something similar on the local machine. Running it on the local machine takes ssh out of the equation - which is probably step 1. Then step 2 would be testing it manually with ssh and comparing the versions of this command that you get working with the options that action offers to result in a working version of the action. 

But I digress. The command that I needed to run to successfully run something similar to what you show in your screenshot was: sudo su - <username> -c "cat /tmp/test.txt"

This assumes that su is really necessary and you can't just use sudo in a command like this:

sudo -u <username> cat /tmp/test.txt

I hope this helps.

Regards,

Gregg

Hi Gregg,

I got something without doing any any changes in Sudoers files under /etc. I used the same action "Run Command (SSH)" with below command and that worked for me,

sudo -u <non root user> tar -cPvf  <path to create a tar file> <source files to be archived in a tar>

Thanks a lot for your help and suggestion and from there only i got a solution.

Great, glad to help. If your question is answered could you please click the "Mark Correct" button for whichever response you found most helpful? 

Cheers,

Gregg

Check your sudoers file, probably the session is waiting for password typing.

Your user should have NOPASSWD instruction similar to this one:

username ALL=(ALL) NOPASSWD: ALL