0

I am trying to access the docker image labels from Python as follows

hostname = socket.gethostname()
cmd = "sudo curl --unix-socket /var/run/docker.sock http:/containers/" + hostname + "/json"
output = os.popen(cmd).read()

But, the thing is I am getting the following error:

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

sudo: no tty present and no askpass program specified

It's one of the fancy messages by Unix from some other posts I read from StackOverflow.

I am following the below link

https://stackoverflow.com/questions/37439887/how-to-access-the-metadata-of-a-docker-container-from-a-script-running-inside-th

Only thing is I want to run these things from Python not from the Terminal. Also, FYI, I get the response when I run the same command from the terminal.

I tried appending the following piece in Dockerfile

RUN echo "root ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

Thanks

Improve this question
4
  • 1
    Why would you want to do this? I mean, why would you run curl as sudo? There's no point in doing that unless you need to write the output to a directory only root has access to. If that is the case, why aren't you running the script as sudo?
    – terdon
    Commented Jan 29, 2019 at 19:40
  • I think you are mixing the concepts of host and Docker container.
    – Rui F Ribeiro
    Commented Jan 29, 2019 at 19:44
  • Or change the permissions on the directory. Also note you sudo snip-it gives root permission to run sudo (Why: root already can do anything).
    – ctrl-alt-delor
    Commented Jan 29, 2019 at 20:36
  • What OS are you doing this on?
    – ctrl-alt-delor
    Commented Jan 29, 2019 at 20:36

1 Answer 1

Reset to default
0

sudo configuration by default has requiretty set so that password authentication is known as reliably as possible to be presented to an actual meatbag rather than to standard input. This is checked even if NOPASSWD is set for a specific sudoers entry.

First, I would suggest you look long and hard at why you need to sudo curl in the first place. This is highly ill-advised as a general rule -- you don't need to be 'root' to run curl to pull something from a remote host. Run curl as a non-priveleged user and if you need superuser access to do something with whatever you've fetched, do that separately.

All that said, you can either disable requretty for the specific sudoers entry or for the entire configuration, and a TTY will no longer be required.

Improve this answer
1
  • I think from the comments and discussion I got my answer. I was confused between Operation not permitted and Permission denied. For resolving and getting rid of both of these I was thinking that sudo is the solution. But, for permission denied we have to change the permissions preferably using chown and later execute whatever we want. @ctrl-alt-delor, I am doing this on CentOS and the host OS is Mac OS. And yes, we should not use sudo to run curl on our system, because there is no need.
    – jaruto
    Commented Jan 29, 2019 at 23:07

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.