如何通过SSH将Sudo与Jenkins bash脚本一起使用?
[英]How to use Sudo with a Jenkins bash script over SSH?
问题描述
I have a physical machine (Win7) and a virtual machine (Red Hat) sharing a network. 
我有一台共享网络的物理机(Win7)和一台虚拟机(Red Hat)。 I am executing a bash script as a Jenkins job using the SSH plugin for Jenkins to deploy an application from the physical machine to the virtual machine. 我正在使用Jenkins的SSH插件将bash脚本作为Jenkins作业执行,以将应用程序从物理机部署到虚拟机。
I cannot use Root users due to security policy on the machine I want the script executed on and am instead limited to using standard users with sudo access. 由于要在其上执行脚本的计算机上的安全策略,我无法使用Root用户,而只能使用具有sudo访问权限的标准用户。
However, I want the script to run without interruption (I don't think Jenkins even allows you to enter user passwords when running bash scripts? Also, this doesn't seem like best practice anyway). 但是,我希望脚本可以不间断运行(我不认为Jenkins甚至不允许您在运行bash脚本时输入用户密码?而且,这似乎也不是最佳实践)。
Is there any method of bypassing the sudo request or configuration of the script that would allow this process to run the way I wish? 是否有任何方法可以绕过sudo请求或脚本配置,以使此过程按我希望的方式运行?
1 个解决方案
解决方案1
0 已采纳 2018-10-02 14:42:45
You can use a NOPASSWD directive in /etc/sudoers ; 您可以在/etc/sudoers使用NOPASSWD指令; see the sudoers manual page . 请参阅sudoers手册页 。
If that is not possible, you can always use expect to feed the password (stored somewhere in the account) to the sudo process. 如果无法做到这一点,则可以始终使用Expect将密码(存储在帐户中的某处)提供给sudo进程。 This is probably against your security policy as well. 这也可能违反您的安全策略。 You need to talk to the people who make the policy for advice on how you can automate these jobs (“digital transformation” and all that). 您需要与制定政策的人员交谈,以获取有关如何使这些工作自动化的建议(“数字化转型”等)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.