Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sudo -v fails with a terminal is required to read the password on macos images #10484

Open
3 of 13 tasks
nyoungstudios opened this issue Aug 25, 2024 · 3 comments
Open
3 of 13 tasks

sudo -v fails with a terminal is required to read the password on macos images #10484

nyoungstudios opened this issue Aug 25, 2024 · 3 comments
Assignees
@sarathrajsrinivasan
Labels
Area: Scripting and command line bug report OS: macOS

Comments

@nyoungstudios
Copy link

nyoungstudios commented Aug 25, 2024
edited
Loading

Description

sudo -v fails on macos images even though runner ALL=(root) NOPASSWD:ALL is set properly in the //etc/sudoers.d/runner file.
Interesting, other sudo commands like sudo echo hi work just fine on the macos images without needing a password. I think this is a problem unless I am missing something entirely.

sudo -v runs properly on ubuntu images (I tested ubuntu-22.04)

Platforms affected

  • Azure DevOps
  • GitHub Actions - Standard Runners
  • GitHub Actions - Larger Runners

Runner images affected

  • Ubuntu 20.04
  • Ubuntu 22.04
  • Ubuntu 24.04
  • macOS 12
  • macOS 13
  • macOS 13 Arm64
  • macOS 14
  • macOS 14 Arm64
  • Windows Server 2019
  • Windows Server 2022

Image version and build link

Here is an example run: https://github.com/nyoungstudios/alfa/actions/runs/10543768830

Current runner version: '2.319.1'
Image: macos-14-arm64
Image: macos-13

Is it regression?

no

Expected behavior

sudo -v should run as expected without prompting for password

Actual behavior

sudo -v fails with this error message:

sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
sudo: a password is required

Repro steps

Run this GitHub action workflow

name: Test Sudo

on:
  push:
  workflow_dispatch:

jobs:
  test-sudo:
    name: Test sudo
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-22.04, macos-14, macos-13]

    steps:
      - uses: actions/checkout@v4

      - name: testing
        run: |
          uname -a
          sudo cat /etc/sudoers.d/runner
          sudo echo hi
          sudo -v
@susmitamane
Copy link
Contributor

Hi @nyoungstudios

We are looking into it. Will keep you posted.

@sarathrajsrinivasan
Copy link
Contributor

Hi @nyoungstudios ,

Please use the below workaround in your workflow to enable sudo to run without prompting for a password.

      - name: Enable no password for sudo
        run: |
          sudo sed -i '' 's/%admin		ALL = (ALL) ALL/%admin		ALL = (ALL) NOPASSWD: ALL/g' /etc/sudoers
          sudo -v

We are working on adding the above change to the image as well. Will update here once the changes are done.

@almirsarajcic
Copy link

Thanks, @sarathrajsrinivasan.
That worked!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sarathrajsrinivasan sarathrajsrinivasan

Labels
Area: Scripting and command line bug report OS: macOS
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@almirsarajcic @nyoungstudios @erik-bershel @sarathrajsrinivasan @prasanjitsahoo @sureshe456 @susmitamane