Hi Julien, Have you tried using the "shell" argument to disable shell wrapping? e.g.
sudo('uptime', shell=False) See http://docs.fabfile.org/en/1.7/api/core/operations.html#fabric.operations.run Regards, Ronan Amicel On Thu, Aug 22, 2013 at 12:34 AM, julien silverston < julien.silvers...@gmail.com> wrote: > Hello, > > I'm very please with Fabric and I use it with a lot success to manage my > servers. > Even convinced my collegues to use it. > But actually for security reason, mostly to avoid shell escape I can't use > it. > > As exemple I do with sudo : > > @task > def host_type(): > run('sudo su -c "uname -a"') > sudo('uptime') > > > [serverX] Executing task 'host_type' > [serverX] run: sudo su -c "uname -a" > [serverX] Login password for 'me': > [serverX] out: [sudo] password for me: > [serverX] out: Sorry, user me is not allowed to execute '/bin/su -c uname > -a' as root on serverX. > [serverX] out: > > Warning: run() received nonzero return code 1 while executing 'sudo su -c > "uname -a"'! > > [serverX] sudo: uptime > [serverX] out: sudo password: > [serverX] out: Sorry, user me is not allowed to execute '/bin/bash -l -c > uptime' as root on serverX. > [serverX] out: > > > Warning: sudo() received nonzero return code 1 while executing 'uptime'! > > I know how to setup sudoers, but for company policies I can't change it. > > sudoers contains : > !/bin/bash,!/bin/su > > I tried to use env.shell = "" , pty=False but with no success. > > How I can update Fabric and others framework, like cuisine to continue to > use Fabric despite this rule that I can't change. > > I can change all sudo command for run('sudo xxx') but will ask my password > each time and I can use cuisine anymore. > > Thank you, > > Julien > > _______________________________________________ > Fab-user mailing list > Fab-user@nongnu.org > https://lists.nongnu.org/mailman/listinfo/fab-user > >
_______________________________________________ Fab-user mailing list Fab-user@nongnu.org https://lists.nongnu.org/mailman/listinfo/fab-user