Hi,

I recently came up with this 'issue' (not really an issue in fact, please read along) when I configured a Webmin panel on a CentOS 6.7 instance we use at work.

Thing is that the sudo tool provides a configuration flag to deny a command execution if it's not being invoked from a console. Originally this was thought as an additional security layer but ultimately proved to be more a nuisance than anything else and that's why Red Hat decided to switch it off by default on newer releases starting with RHEL 7 (I don't know starting at which Fedora release though).

To disable this check launch visudo, look for "Defaults requiretty" and comment the line. I believe that you can accomplish the same by adding the entry to a file in /etc/sudo.d/ but I didn't test it myself.

HTH

On Wed, Aug 19, 2015 at 1:31 AM inode0 <inode0@gmail.com> wrote:

On Tue, Aug 18, 2015 at 2:09 AM, Scott Mattan <s-mattan@niscom.co.jp> wrote:
> Hello,
>
> I am seeing some disparity between (two distributions granted) CentOS 6.6
> and Fedora22 in their use of the su utility. I cannot figure out the cause,
> so I cannot fix it.
>
> In CentOS there is no way to script login to root... this is of course a
> desirable trait.
> for instance,
> [ user@localhost user ]$ su root <<EOF
>> password
>> echo ""
>> id
>> EOF
> standard in must be a tty

$ (sleep 1; echo password) | python -c "import pty;
pty.spawn(['/bin/su','-c','id']);"

Some programs require stdin on a tty, su has gone back and forth on
it. It really doesn't stop anything.

John
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org