Can't sudo su anymore: "no tty present and no askpass program specified"

I have a root server on which I disabled login via the root user and created another user who is in the sudoers list. Therefore, when I want to work on the server, I run:

 ssh myusername@IP_ADDRESS

On server:

 sudo su 

and enter my password to get root privileges. This worked perfectly for 6 months. Today I get this message when running sudo su:

 sudo: no tty present and no askpass program specified 

What hacking is happening? What does this error mean and why am I getting it? Without root privileges, I cannot do much on the server. Any idea how to fix this?

+7
linux ssh sudo
3 answers

sudo tries to open /dev/tty for read-write and prints this error if it fails. You indicated in the comments that /dev/tty is missing from your system.

Sudo has the -S option to read the password from standard input instead of /dev/tty. You can run sudo -S to become root.

Regarding the recovery of /dev/tty, it is possible that a server reboot will be enough; the system can recreate all devices in /dev at boot time. Alternatively, you can use the mknod command to create the device, but you need to know the correct major and minor numbers for the tty device. On an Ubuntu system I have access to, I see these entries in /dev:

 crw------- 1 root root 5, 1 Apr 16 18:36 console
 crw-rw-rw- 1 root tty  5, 2 Sep 24 15:35 ptmx
 crw-rw-rw- 1 root tty  5, 0 Sep 24 14:25 tty

In this case, the major number is 5 and the minor number is 0. /dev/console and /dev/ptmx have the same major number. So I would check /dev/console or /dev/ptmx to find the correct major number, then run:

 mknod /dev/tty c major 0 

where "major" is the correct major number.

After recreating /dev/tty, make sure the permissions are correct:

 chmod 666 /dev/tty 
+17

It fails because sudo tries to ask for the root password and no pseudo-tty is allocated.

You must either log in as root or configure the following rules in /etc/sudoers (or: sudo visudo):

 # Members of the admin group may gain root privileges.
 %admin ALL=(ALL) NOPASSWD:ALL

Then make sure your user belongs to the admin (or wheel) group.

Ideally (safer) it would be possible to restrict root privileges only to specific commands, which can be specified as %admin ALL=(ALL) NOPASSWD:/path/to/program

+6

One thing to check is whether the OS thinks the various processes "have a tty". If you still have problems, you should probably do this both in the shell in which you run ssh and in the shell in which you run sudo. An easy way to check is the "tty" command - if it returns "not a tty", this shell does not have a "controlling tty" and cannot open /dev/tty even if it exists on the file system.

Various circumstances can lead to a shell starting without a controlling tty, and some of them do not produce any visible warning. For example, I recently encountered a problem in High Sierra with Emacs shell windows ( I can't open pty under Mac OS High Sierra ) - High Sierra uses a different mechanism for allocating ptys than earlier Mac OS X releases, so if your code is not reconfigured for it, it will not be able to allocate a pty.

0
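
The checks from the answers above (the /dev/tty node with major 5, minor 0 and mode 666, and whether the shell has a controlling tty) combined into one diagnostic script. This is an added example, not part of any of the original answers; the function names are hypothetical and it assumes Linux with a `stat` that supports `-c`.

```shell
#!/bin/sh
# Added diagnostic sketch (not from the original answers). Assumes Linux with
# GNU or BusyBox stat; the function names are made up for this example.

# Classify a device node. Prints one of:
#   missing | not-char-device | wrong-numbers:MAJ,MIN | wrong-mode:MODE | ok
check_tty_node() {
    path=$1 want_major=$2 want_minor=$3
    [ -e "$path" ] || { echo missing; return 0; }
    [ -c "$path" ] || { echo not-char-device; return 0; }
    # %t/%T are the major/minor device numbers in hex, %a the octal mode.
    set -- $(stat -c '%t %T %a' "$path")
    major=$((0x$1)) minor=$((0x$2)) mode=$3
    if [ "$major" -ne "$want_major" ] || [ "$minor" -ne "$want_minor" ]; then
        echo "wrong-numbers:$major,$minor"
    elif [ "$mode" != 666 ]; then
        echo "wrong-mode:$mode"
    else
        echo ok
    fi
}

# True when this process can open its controlling terminal, which is what
# sudo needs in order to prompt. Fails if /dev/tty is absent or the session
# has no controlling tty (for example, no pseudo-tty was allocated).
has_controlling_tty() {
    ( exec </dev/tty ) 2>/dev/null
}

# Print a short report covering the node itself, stdin, and the session.
diagnose() {
    echo "/dev/tty node:   $(check_tty_node /dev/tty 5 0)"
    if tty -s; then echo "stdin:           a terminal"
    else echo "stdin:           not a tty"; fi
    if has_controlling_tty; then echo "controlling tty: yes"
    else echo "controlling tty: no (sudo cannot prompt; see sudo -S)"; fi
}

diagnose
```

A "missing" or "wrong-numbers" result points at the device node itself (the mknod/chmod repair), while an "ok" node with "controlling tty: no" points at how the session was started.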