Re: [Fab-user] sudo fails every now and again

[Jeff Forcier]

On Fri, Dec 2, 2011 at 9:27 AM, Hajducko, Steven
<address@hidden> wrote:
>>First time it prompts me for a password - why? As far as I understand
>> Fabric should be able to handle this?

Steven is right that Fabric can't make your sudo setup not require a
password initially, but I wonder if something got missed in
translation in all of this (I didn't see mention of it in the earlier
conversation): you can set your sudo password as "env.password" in
your fabfile.

Fabric should then try that password for any initial sudo prompts, and
only interactively prompt if that fails.


Another alternative is actually to remove the sudo password entirely
and give the user running this script (and only that user!) "ALL=(ALL)
NOPASSWD: ALL" access. Combined with key-only SSH authentication and
proper key management, it grants that user script-friendly admin
access without having the user's login password in your code.

There are pluses and minuses to both approaches but either one should
work for the most part.

Hope that helps,
Jeff

-- 
Jeff Forcier
Unix sysadmin; Python/Ruby engineer
http://bitprophet.org