Menu
When I would like to do something that requiers sudo privelegies, the build process stucks and when ps aux for that command, it hanging in the list but doing nothing.
E.g.:
in the buildscript:
# stop nginx echo "INFO: stopping nginx. pid [$(cat /opt/nginx/logs/nginx.pid)]" sudo kill $(cat /opt/nginx/logs/nginx.pid) in the gitlab ci output console:
INFO: stopping nginx. pid [2741] kill $(cat /opt/nginx/logs/nginx.pid) # with a spinning wheel in the bash:
> ps aux | grep nginx root 6698 0.0 0.1 37628 1264 ? Ss 19:25 0:00 nginx: master process /opt/nginx/sbin/nginx nobody 6700 0.3 0.3 41776 3832 ? S 19:25 0:00 nginx: worker process kai 7015 0.0 0.0 4176 580 pts/0 S+ 19:27 0:00 sh -c sudo kill $(cat /opt/nginx/logs/nginx.pid) kai 7039 0.0 0.0 7828 844 pts/2 S+ 19:27 0:00 grep nginx So:
sudo kill $(cat /opt/nginx/logs/nginx.pid) is going to execute, but sh -c sudo kill $(cat /opt/nginx/logs/nginx.pid) 
581
In Linux, the sudo command allows us to execute a command or script as the superuser. However, by default, the sudo command works in an interactive mode.
SSH Runner You can configure the gitlab-ci-runner to connect to a remote host using SSH. You configure this to use a user remotely that has sudo permissions, and perform the build using that user. The remote host can be the same machine that the gitlab runner is executing on, or it can be another host.
Step 1: Install the 'sudo' command To achieve this, log in or switch to root user and use the APT package manager to update the system package list. Then install sudo as shown. When prompted to continue. hit 'Y' to proceed.
There are a couple of ways to resolve this.
You can grant sudo permissions to the gitlab-runner user as this is who is executing the build script.
$ sudo usermod -a -G sudo gitlab-runner You now have to remove the password restriction for sudo for the gitlab-runner user.
Start the sudo editor with
$ sudo visudo Now add the following to the bottom of the file
gitlab-runner ALL=(ALL) NOPASSWD: ALL Do not do this for gitlab runners that can be executed by untrusted users.
You can configure the gitlab-ci-runner to connect to a remote host using SSH. You configure this to use a user remotely that has sudo permissions, and perform the build using that user. The remote host can be the same machine that the gitlab runner is executing on, or it can be another host.
This build user account will still need to have sudo and passwordless permissions. Follow the instruction below, except replace gitlab-runner with the build user.
157
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
