Capistrano using sudo even with "set :use_sudo, false"

ruby-on-rails-3 capistrano sudo rvm-capistrano
16,186

Solution 1

Apparently, it is not possible to disable sudo functionality with certain capistrano tasks. The assumption is that the unprivileged user on the server should not be able to carry out certain tasks.

The command in question is mkdir. I'd argue that an unprivileged user should be able to run this command if the parent folder is one that they have permission to do so for. I'd also argue that the user may in fact be a privileged user, such as root. Best practice? Not necessarily. Within the realm of reason for certain deployments, yes.

Here is the link to the response to my original question:

https://github.com/capistrano/capistrano/issues/211#issuecomment-7667467

Solution 2

For anyone else who runs into this issue and is a fool like me. Make sure you arn't quoting false. I had:

set :use_sudo, "false"

and when I switched it to

set :use_sudo, false

most things started working the way I expected. As YWCA Hello points out there are still commands that ignore the use_sudo setting. However, don't forget to set it correctly.

Share:
16,186
YWCA Hello
Author by

YWCA Hello

Updated on June 14, 2022

Comments

  • YWCA Hello
    YWCA Hello almost 2 years

    I do not wish to use sudo for any of my remotely executed commands via Capistrano. Specifically, when I run cap deploy:setup, I'm asked for my sudo password during the first mkdir command. I added set :use_sudo, false to my deploy.rb file, but this did not make a difference.

    I started with a fairly complete deploy.rb file, but whittled it down once I started having issues. Here is my minimal version that still shows use_sudo not being respected:

    # App Definitions

set :domain, '[server-ip]'
role :app, domain
role :web, domain
role :db, domain, :primary => true

set :user, "my_app"
set :use_sudo, false

task :sudo_test do
  run "#{try_sudo} whoami"
end

    running cap sudo_test results in me being prompted for my sudo password. What am I missing here (besides the hair I've already pulled out)?

    Google Findings

    https://groups.google.com/forum/?fromgroups#!topic/capistrano/QNYnvW8obrg

    A thread with someone having a similar issue. No conclusion/resolution noted in the thread.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Unable to bind to port 80, but running on the current shell works without any issues
Where to place "before" and "after" in a Capistrano recipe?
Capistrano deploy:migrate and db:migrate run all migrations every time
The --deployment flag requires a Gemfile.lock
How to run commands which require sudo using Capistrano V3?
Starting sidekiq with capistrano
Rails - Nginx needs to be restarted after deploying with Capistrano?
rails capistrano deployment error
Rails: Why "sudo" command is not recognized?
How to seed the production database using the Capistrano gem?