I'm trying to trigger an executable file ' post-receive ', after pushing some changes to a git repo on a remote machine . Within this file are some commands that require elevated privileges , such as:
sudo -S rm -f $HOME/.build
sudo -S rm -f $HOME/Packages
I've added a remote to my local repo:
git remote add live ssh://dev@ip/home/dev/app/.git
So I can push changes to my remote repo, like this:
git push live master
The ' post-receive ' file executes, whenever I push.
However , a password is requested for sudo commands within the ' post-receive ' file.
remote: [sudo] password for dev: Sorry, try again.
remote: [sudo] password for dev:
remote: sudo: 1 incorrect password attempt
remote: [sudo] password for dev:
Locally I have setup my SSH keys:
~/.ssh/id_rsa
~/.ssh/id_rsa.pub
Then , I've copied the local ' ~/.ssh/id_rsa.pub ' file contents into the remote ' ~/.ssh/authorized_keys ' file.
I've also setup a ' config ' file, locally, specifying the location of my identity:
HostName ip
IdentityFile ~/.ssh/id_rsa
At this point, I'm able to ssh into the remote machine, without any passwords , like this:
ssh dev@ip
This was already expected, however, when pushing changes to my remote repo:
git push live master
...it asks me for a password when running the remote ' post-receive ' file.
Running :
Following the Digital Ocean Deployment Tutorial
This has nothing to do with GIT or SSH. Linux distributions by default require any user running a sudo
command, even if they have permissions, to enter the password. This can be overridden (see below).
The step to override this :)
Check this answer for example.
You need to add a NOPASSWD
directive in your sudoers
file for the relevant user. Modified from that answer:
dev ALL = NOPASSWD: ALL
You could replace ALL
with a specific command for safety.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.