Issues with no tty present, when using Jenkins

StackOverflow https://stackoverflow.com/questions/19936351

  •  30-07-2022
  •  | 
  •  

Question

So in short I have a Jenkins job, that need to change user and permissions. SSH-part looks something like this:

ssh -i {$id_rsa} {$user}@{$server} sudo chown -R nobody:nogroup {$root}/{$checkout_path}/

So the issue is that I get an error:

"Pseudo-terminal will not be allocated because stdin is not a terminal.
sudo: no tty present and no askpass program specified"

So I tried single -t, which didn't work, but double should do the trick:

ssh -i {$id_rsa} -t -t {$user}@{$server} sudo chown -R nobody:nogroup {$root}/{$checkout_path}/

So... the real issue is that of some reason the script stops at the line, and just keep on running. Forever I would guess. I let it run for about 15 minutes, which is way to long anyway. No effect on the remote server, and it seems to do pretty much nothing.

Anyone got any ideas of why this happens?

Was it helpful?

Solution

So finally got it all right. As mentioned in my comment before (Issues with no tty present, when using Jenkins), the issue wasn't directly the call itself. The issue what that jenkins was asked for password, which didn't appear in output.

Solution was to first correct sudoers, and then make a small change to call (replace nobody:nogroup with nobody.nogroup):

ssh -i {$id_rsa} {$user}@{$server} sudo chown -R nobody.nogroup {$root}/{$checkout_path}/

So actual call would be something like this:

ssh -i /var/opt/jenkins/.ssh/id_rsa -t jenkins@remote.server sudo chown -R nobody.nogroup /var/www/some/directory

Sudoers now looks something like:

jenkins ALL=(ALL) NOPASSWD: /bin/chown nobody.nogroup *,/bin/chown -R nobody.nogroup *

Ps. I'm aware of the security issues with letting jenkins user use sudo chown nobody.nogroup anywhere. On the other hand it wouldn't do any good to restrict with /var/www/* as it is very easy to get around that anyway. So for security reasons it would probably be better to do something completely different...

OTHER TIPS

you probably want to quote the command line (from sudo to the end of the line).

also, bash variable expansion (if your shell is bash) is written ${var} and not {$var}, so maybe try this:

ssh -i ${id_rsa} -t -t ${user}@${server} "sudo chown -R nobody:nogroup ${root}/{$checkout_path}/"
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top