Sudo: no tty present and no askpass program specified

simos · April 23, 2018, 7:24am

When launching a 16.04 container, I could sudo to root.

$ lxc launch ubuntu:x old
Creating old
Starting old
$ lxc exec old -- sudo --user ubuntu --login
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@old:~$ sudo su -
mesg: ttyname failed: Success
root@old:~#

But when I try with LXD 3.0 and a container with 18.04, I cannot anymore.

$ lxc launch images:ubuntu/18.04 openvpn
Creating openvpn
Starting openvpn

$ lxc exec openvpn -- sudo --user ubuntu --login
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@openvpn:~$ sudo su -
sudo: no tty present and no askpass program specified
ubuntu@openvpn:~$

How can this be dealt with?

stgraber · April 23, 2018, 7:57pm

@brauner this even happens on up to date Ubuntu 18.04 with the current kernel, any idea what’s going on here? Smells like our favorite kernel/glibc interaction but I thought you sorted that out.

containerperson · April 24, 2018, 9:10am

I am trying lxc-attach commands in lxc and getting this error. Was looking to find an answer on here but looks like you guys are coming up short too :(.

My initial command to run a python script within the container doesn’t need sudo however the script itself wants sudo for running openvpn. Maybe I will have to look into running openvpn as non sudo if there is no clear solution to this or just run as root.

How come you can sudo within the container normally but not via lxc-attach?

brauner · April 24, 2018, 2:30pm

Is it a kernel that has my devpts patches backported?

brauner · April 24, 2018, 2:39pm

What kernel version is this and what host distro?

dann1 · April 24, 2018, 3:00pm

try sudo with -S argument

stgraber · April 24, 2018, 3:03pm

As I mentioned earlier, I see it on current Ubuntu 18.04 with the latest kernel, so that should be the new libc with the kernel using your commits, unless they haven’t made it yet somehow.

brauner · April 24, 2018, 3:26pm

I saw but a uname -a would still be appreciated.

brauner · April 24, 2018, 3:37pm

Doesn’t work for me on either 16.04 or 18.04.

stgraber · April 24, 2018, 3:40pm

ubuntu@bionic:~$ logout
root@vm06:~# lxc launch images:ubuntu/18.04 openvpn
Creating openvpn
Starting openvpn                            
root@vm06:~# lxc exec openvpn -- sudo --user ubuntu --login
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@openvpn:~$ sudo su -
sudo: no tty present and no askpass program specified
ubuntu@openvpn:~$ uname -a
Linux openvpn 4.15.0-19-generic #20-Ubuntu SMP Sun Apr 22 00:03:34 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
ubuntu@openvpn:~$

stgraber · April 24, 2018, 3:43pm

Ah, looks like it’s a difference between the cloud and non-cloud images somehow, though even the cloud image isn’t super happy about it

stgraber · April 24, 2018, 3:50pm

root@vm06:~# lxc launch ubuntu:16.04 cloud-16
Creating cloud-16
Starting cloud-16                           
root@vm06:~# lxc launch ubuntu-daily:18.04 cloud-18
Creating cloud-18
Starting cloud-18
root@vm06:~# lxc launch images:ubuntu/16.04 images-16
Creating images-16
Starting images-16
root@vm06:~# lxc launch images:ubuntu/18.04 images-18
Creating images-18
Starting images-18
root@vm06:~# lxc exec cloud-16 -- sudo -u ubuntu -i
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@cloud-16:~$ sudo su -
mesg: ttyname failed: Success
root@cloud-16:~# logout
ubuntu@cloud-16:~$ logout
root@vm06:~# lxc exec cloud-18 -- sudo -u ubuntu -i
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@cloud-18:~$ sudo su -
mesg: ttyname failed: No such device
root@cloud-18:~# logout
ubuntu@cloud-18:~$ logout
root@vm06:~# lxc exec images-16 -- sudo -u ubuntu -i
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@images-16:~$ sudo su -
sudo: no tty present and no askpass program specified
ubuntu@images-16:~$ logout
root@vm06:~# lxc exec images-18 -- sudo -u ubuntu -i
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@images-18:~$ sudo su -
sudo: no tty present and no askpass program specified
ubuntu@images-18:~$ logout

brauner · April 24, 2018, 3:58pm

Yeah, this is really weird. There doesn’t seem to be a difference in sudo though, is there?

stgraber · April 24, 2018, 5:15pm

To make the images: based containers behave the same, you can create /etc/sudoer.d/ubuntu containing:

ubuntu ALL=(ALL) NOPASSWD:ALL

iliv · October 24, 2018, 12:00pm

I have the same problem with a new user account in an ubuntu:18.04 container (LXD 3.0):

$ lxc exec c1 -- sudo --login --user joe
joe@c1:~$ sudo ls -la /root
sudo: no tty present and no askpass program specified
joe@c1:~$

The default ubuntu account can run sudo command without any problems. What is missing?

iliv · October 24, 2018, 12:05pm

This is a pretty much default unprivileged container.

vsuojanen · November 19, 2018, 9:21pm

The ubuntu sudo user seems to work for me in ubuntu:18.04 with LXD 3.7:

lxc exec ltsp-server -- sudo --user ubuntu --login
ubuntu@ltsp-server:~$ sudo su -
mesg: ttyname failed: No such device

I added new user account to sudo group but that has this same 18.04 problem

lxc exec ltsp-server -- sudo --user ltsp --login
ltsp@ltsp-server:~$ sudo su -
sudo: no tty present and no askpass program specified

You can try screen also as workaround

ltsp@ltsp-server:~$ screen su ltsp
[screen is terminating]