mina/foreman does not work due to sudo

[postmodern]

Every sudo command fails to run:

-----> Restarting resque services
       sudo: no tty present and no askpass program specified
       sudo: no tty present and no askpass program specified
 !     ERROR: Deploy failed.

[mcescalante]

If it is possible for you on your system (some production systems will not allow this), add NOPASSWD to the sudoers file for the specific user you are deploying with. Example sudoers entry:

admin ALL = NOPASSWD: ALL

[postmodern]

@mcescalante adding user ALL = NOPASSWD: ALL for the deploy user is a major security risk. If an attacker can compromise the user running the app, then they also get full root access. It's much safer to individually white-list the sudo commands. See my example: #234 (comment)

[mcescalante]

Right, it being a security risk is what my intentions were by including the "possible on your system" part. If one was deploying to an isolated test environment and didn't want to keep adding & removing command whitelist lines to sudoers, adding that as a temporary solution until ready to a production deploy may be okay. I agree this should absolutely not be used in production. As you mentioned, whitelisting the specific commands necessary is the most secure & elegant solution. Clearly, my answer was poor - thanks for posting in here to clarify especially if future users are trying to address something like this 😄

[gabskoro]

Ok, we have a nice solution, so I can close this "issue".

[postmodern]

@gabskoro could you include my example /etc/sudoers.d/ code into the documentation for mine/foreman?