Run rsync with --rsync-path="rsync sudo" flag

[patcon]

knife-solo might be used first as the root user, and then as a another user after the first run creates it and locks down root login.

Can use --rsync-path to allow rsync to delete the files in the cache path as needed.

See: http://crashingdaily.wordpress.com/2007/06/29/rsync-and-sudo-over-ssh/

[matschaffer]

I think this will break CentOS (maybe RHEL too). Those systems don't typically come with sudo installed. You can use https://github.com/myplanetdigital/knife-solo/blob/2ef57cf738edce0031a55261831cc6acbf32f43e/lib/knife-solo/ssh_command.rb#L165 to check that, but what happens if the user needs a password to sudo? We compensate for that in https://github.com/myplanetdigital/knife-solo/blob/2ef57cf738edce0031a55261831cc6acbf32f43e/lib/knife-solo/ssh_command.rb#L172 and https://github.com/myplanetdigital/knife-solo/blob/2ef57cf738edce0031a55261831cc6acbf32f43e/lib/knife-solo/ssh_command.rb#L214, but I'm not sure it would work in this case.

[matschaffer]

Small correction, the minimal builds of CentOS and RHEL don't have sudo. A regular install does but often the cloud images are a "no package" install which skips sudo.

[patcon]

Ah... gotcha. Could we ensure sudo is installed during the bootstraps to run during knife prepare?
https://github.com/myplanetdigital/knife-solo/tree/master/lib/knife-solo/bootstraps

And as for password, perhaps we could add a --sudo flag back into the options? (I think it was there originally..?)

[matschaffer]

I sorta liked sudo being a detected thing. If you have to specify it it gets us that much closer to just being knife bootstrap.

My plan to get cookbooks transfered as sudo was to "prime" it using the method described at http://linuxexchange.org/questions/411/rsync-backups-using-sudo-instead-of-root (see #1 for some more info)

[patcon]

Hm. Ok... was trying to wrap my mind around run_command(), but I'm actually installing sudo cookbook as part of my project on any platform I boot, so I think I'll probably just maintain a fork for now. Thanks for the direction though!

[tmatilai]

I would like knife-solo UI being as close to the knife bootstrap to make the integration easier. If we have a better solution for detecting the need of sudo, we should try to get it in knife bootstrap, too.

[matschaffer]

If it helps, my intent for "prepare" was to make a command that would discover system params and try to do the right thing for the 80% case. Using knife bootstrap to cover the other 20% is pretty easy as is mentioned in the Readme.

I've often wondered if a "discover" command that could then power knife bootstrap was a good idea, but I tend to get tripped up on how to get info between the two parts and how to transfer the cookbooks et al.

[matschaffer]

@patcon following the above comment would a bootstrap template like in the Readme be easier for you than a fork?

[matschaffer]

Hey @patcon, in the course or working on #1 I found out that this would either require passwordless sudo or tty_tickets to be set up which I didn't feel right depending on. So instead I did #145.

Separating the file cache path from the sudo path should avoid the sudo/non-sudo build issues that people have been seeing. Let me know if this isn't the case.

[patcon]

Awesome. I'll follow that sucker. Thanks!