Hi Julien,
Have you tried using the "shell" argument to disable shell wrapping? e.g.
sudo('uptime', shell=False)
See
http://docs.fabfile.org/en/1.7/api/core/operations.html#fabric.operations.run
Regards,
Ronan Amicel
On Thu, Aug 22, 2013 at 12:34 AM, julien silverston <
julien.silvers...@gmail.com> wrote:
> Hello,
>
> I'm very please with Fabric and I use it with a lot success to manage my
> servers.
> Even convinced my collegues to use it.
> But actually for security reason, mostly to avoid shell escape I can't use
> it.
>
> As exemple I do with sudo :
>
> @task
> def host_type():
> run('sudo su -c "uname -a"')
> sudo('uptime')
>
>
> [serverX] Executing task 'host_type'
> [serverX] run: sudo su -c "uname -a"
> [serverX] Login password for 'me':
> [serverX] out: [sudo] password for me:
> [serverX] out: Sorry, user me is not allowed to execute '/bin/su -c uname
> -a' as root on serverX.
> [serverX] out:
>
> Warning: run() received nonzero return code 1 while executing 'sudo su -c
> "uname -a"'!
>
> [serverX] sudo: uptime
> [serverX] out: sudo password:
> [serverX] out: Sorry, user me is not allowed to execute '/bin/bash -l -c
> uptime' as root on serverX.
> [serverX] out:
>
>
> Warning: sudo() received nonzero return code 1 while executing 'uptime'!
>
> I know how to setup sudoers, but for company policies I can't change it.
>
> sudoers contains :
> !/bin/bash,!/bin/su
>
> I tried to use env.shell = "" , pty=False but with no success.
>
> How I can update Fabric and others framework, like cuisine to continue to
> use Fabric despite this rule that I can't change.
>
> I can change all sudo command for run('sudo xxx') but will ask my password
> each time and I can use cuisine anymore.
>
> Thank you,
>
> Julien
>
> _______________________________________________
> Fab-user mailing list
> Fab-user@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/fab-user
>
>
_______________________________________________
Fab-user mailing list
Fab-user@nongnu.org
https://lists.nongnu.org/mailman/listinfo/fab-user
