Comments (8)
Laszlo,
Make sure you have edited your sudoers file as instructed in the
README.rst, especially the "NOPASSWD" part. If that doesn't help, tell us
exactly how you are running CodeJail that produces that error.
--Ned.
On Tue, Oct 1, 2013 at 10:58 AM, Jabba Laci [email protected]:
Hi,
I followed the installation instructions but I keep getting this error:
SafeExecException: Couldn't execute jailed code: sudo: no tty present and no askpass program specified
Do you have any idea?
Thanks,
Laszlo
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/17
.
from codejail.
Hi Ned,
I tried it in dev. mode. My username is "jabba" and I have this directory structure:
jabba@jabba-VM-server ~/python/secure $ pwd
/home/jabba/python/secure
jabba@jabba-VM-server ~/python/secure $ ls -al
drwxrwxr-x 5 jabba jabba 4096 okt 1 18:00 .
drwx------ 4 jabba jabba 4096 okt 1 16:10 ..
drwxr-xr-x 3 jabba jabba 4096 okt 1 16:51 codejail
drwxrwxr-x 7 jabba jabba 4096 okt 1 16:26 venv
drwxr-xr-x 6 root root 4096 okt 1 18:00 venv-sandbox
(It's not clear to me why the sandbox env. must be created with "sudo".)
The sandbox user is created as explained in Step 3.
The /etc/sudoers.d/01-sandbox
file is created:
jabba ALL=(sandbox) SETENV:NOPASSWD:/home/jabba/python/secure/venv-sandbox/bin/python
jabba ALL=(ALL) NOPASSWD:/usr/bin/pkill
If I understand well, the 1st line means this: the user "jabba" can run the command .../python
as user "sandbox".
The AppArmor profile is created as seen in Step 5.
Now in /home/jabba/python/secure
I activate venv
and launch the command nosetests
. The result: FAILED (SKIP=1, errors=7, failures=23). The problem is this: sudo: unable to execute /home/jabba/python/secure/venv-sandbox/bin/python: Permission denied
I also tried to launch just .../venv-sandbox/bin/python
as the user "sandbox":
[venv] jabba@jabba-VM-server ~/python/secure $ ls -al
total 20
drwxrwxr-x 5 jabba jabba 4096 okt 1 18:00 .
drwx------ 4 jabba jabba 4096 okt 1 16:10 ..
drwxr-xr-x 3 jabba jabba 4096 okt 1 16:51 codejail
drwxrwxr-x 7 jabba jabba 4096 okt 1 16:26 venv
drwxr-xr-x 6 root root 4096 okt 1 18:00 venv-sandbox
[venv] jabba@jabba-VM-server ~/python/secure $ sudo -u sandbox /home/jabba/python/secure/venv-sandbox/bin/python
sudo: unable to execute /home/jabba/python/secure/venv-sandbox/bin/python: Permission denied
It seems there is a problem with the sudoers.d file but I can't figure out what exactly.
Thanks,
Laszlo
from codejail.
Hmm, I'm not sure what's causing your problem. I notice that your
venv-sandbox is owned by root. Mine is owned by "ned", though not sure why
that would matter.
Can you show your apparmor config file?
Next step after that would be to try loosening permissions, just as a
diagnostic to find out what is being prevented.
--Ned.
On Thu, Oct 3, 2013 at 1:08 PM, Jabba Laci [email protected] wrote:
Hi Ned,
I tried it in dev. mode. My username is "jabba" and I have this directory
structure:jabba@jabba-VM-server ~/python/secure $ pwd
/home/jabba/python/secure
jabba@jabba-VM-server ~/python/secure $ ls -al
drwxrwxr-x 5 jabba jabba 4096 okt 1 18:00 .
drwx------ 4 jabba jabba 4096 okt 1 16:10 ..
drwxr-xr-x 3 jabba jabba 4096 okt 1 16:51 codejail
drwxrwxr-x 7 jabba jabba 4096 okt 1 16:26 venv
drwxr-xr-x 6 root root 4096 okt 1 18:00 venv-sandbox(It's not clear to me why the sandbox env. must be created with "sudo".)
The sandbox user is created as explained in Step 3.
The /etc/sudoers.d/01-sandbox file is created:jabba ALL=(sandbox) SETENV:NOPASSWD:/home/jabba/python/secure/venv-sandbox/bin/python
jabba ALL=(ALL) NOPASSWD:/usr/bin/pkillIf I understand well, the 1st line means this: the user "jabba" can run
the command .../python as user "sandbox".The AppArmor profile is created as seen in Step 5.
Now in /home/jabba/python/secure I activate venv and launch the command
nosetests. The result: FAILED (SKIP=1, errors=7, failures=23). The
problem is this: sudo: unable to execute
/home/jabba/python/secure/venv-sandbox/bin/python: Permission deniedI also tried to launch just .../venv-sandbox/bin/python as the user
"sandbox":[venv] jabba@jabba-VM-server ~/python/secure $ ls -al
total 20
drwxrwxr-x 5 jabba jabba 4096 okt 1 18:00 .
drwx------ 4 jabba jabba 4096 okt 1 16:10 ..
drwxr-xr-x 3 jabba jabba 4096 okt 1 16:51 codejail
drwxrwxr-x 7 jabba jabba 4096 okt 1 16:26 venv
drwxr-xr-x 6 root root 4096 okt 1 18:00 venv-sandbox
[venv] jabba@jabba-VM-server ~/python/secure $ sudo -u sandbox /home/jabba/python/secure/venv-sandbox/bin/python
sudo: unable to execute /home/jabba/python/secure/venv-sandbox/bin/python: Permission deniedIt seems there is a problem with the sudoers.d file but I can't figure out
what exactly.Thanks,
Laszlo
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/17#issuecomment-25639024
.
from codejail.
I'm getting this same error, but strangely when clicking on the "Check" button on this page:
http://localhost:8000/courses/edX/Open_DemoX/edx_demo_course/courseware/interactive_demonstrations/basic_questions/
It's not clear to me why the codejail would be invoked when I'm checking whether I've dragged-and-dropped the words into the appropriate buckets.
Staff debug info: Traceback (most recent call last): File "/edx/app/edxapp/edx-platform/common/lib/xmodule/xmodule/capa_base.py", line 984, in check_problem correct_map = self.lcp.grade_answers(answers) File "/edx/app/edxapp/edx-platform/common/lib/capa/capa/capa_problem.py", line 330, in grade_answers return self._grade_answers(answers) File "/edx/app/edxapp/edx-platform/common/lib/capa/capa/capa_problem.py", line 392, in _grade_answers results = responder.evaluate_answers(self.student_answers, oldcmap) File "/edx/app/edxapp/edx-platform/common/lib/capa/capa/responsetypes.py", line 247, in evaluate_answers new_cmap = self.get_score(student_answers) File "/edx/app/edxapp/edx-platform/common/lib/capa/capa/responsetypes.py", line 1589, in get_score self.execute_check_function(idset, submission) File "/edx/app/edxapp/edx-platform/common/lib/capa/capa/responsetypes.py", line 1617, in execute_check_function self._handle_exec_exception(err) File "/edx/app/edxapp/edx-platform/common/lib/capa/capa/responsetypes.py", line 1751, in _handle_exec_exception raise ResponseError(err.message, traceback_obj) ResponseError: ("Couldn't execute jailed code: sudo: no tty present and no askpass program specified\nSorry, try again.\nsudo: no tty present and no askpass program specified\nSorry, try again.\nsudo: no tty present and no askpass program specified\nSorry, try again.\nsudo: 3 incorrect password attempts\n", <traceback object at 0x7f19ac1a59e0>)
from codejail.
@natea the latest configuration scripts (johnnycake) weren't configured properly for codejail when running for development. You can fix the problem a few ways:
-
if you don't care to run under a strict codejail environment, you can remove the virtualenv used for sandboxed execution. This will tell the server to go ahead and execute the code directly instead of with CodeJail:
$ rm -rf /edx/app/edxapp/venvs/edxapp-sandbox
-
if you want to run with CodeJail, you can fix the sudoers file: /etc/sudoers.d/95-sandbox has four lines in it, and they should all start with the name of the user running the LMS. If it says "www-data", it will work for fullstack. To make it work for devstack, change those four lines to have "edxapp" instead.
from codejail.
I've running into a similar issue here #29 (comment)
venvs structure:
vagrant@precise64:/edx/app$ ls -la xserver/venvs/
total 16
drwxr-xr-x 4 xserver xserver 4096 Oct 9 20:43 .
drwxr-xr-x 4 xserver xserver 4096 Oct 6 20:22 ..
drwxr-xr-x 8 xserver xserver 4096 Oct 6 22:18 xserver
drwxr-xr-x 7 xserver xserver 4096 Oct 16 19:53 xserver-sandbox
/etc/sudoers.d/01-sandbox
vagrant@precise64:/edx/app$ sudo vi /etc/sudoers.d/01-sandbox
xserver ALL=(sandbox) SETENV:NOPASSWD:/edx/app/xserver/venvs/xserver-sandbox/bin/python
xserver ALL=(sandbox) SETENV:NOPASSWD:/usr/bin/find
xserver ALL=(ALL) NOPASSWD:/usr/bin/pkill
makeitso ALL=(sandbox) NOPASSWD:/usr/bin/python-sandbox
xserver sandbox virtual environment python seems to be working
(xserver)xserver@precise64:/edx/app/xserver/venvs$ sudo -u sandbox xserver-sandbox/bin/python
Python 2.7.3 (default, Feb 27 2014, 19:58:35)
[GCC 4.6.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
vagrant@precise64:/edx/app$ sudo -u sandbox xserver/venvs/xserver-sandbox/bin/python
Python 2.7.3 (default, Feb 27 2014, 19:58:35)
[GCC 4.6.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
from codejail.
@morenopc I don't understand: do you have a problem that needs fixing?
from codejail.
Yes @nedbat. Can you please take a look at #29. Thanks.
from codejail.
Related Issues (20)
- Proxy doesn't work, while executing jail_code there is no output displayed
- Figure out a plan for codejail PR tests HOT 3
- Problem loading the codejail settings in async tasks HOT 4
- Tests cannot be run on a PR from a fork HOT 2
- Remove `future` package usages HOT 3
- Facing issue while compiling
- Stop using global state to store configuration options
- Codejail cannot run without a user set
- Test codejail on Python 3.11 HOT 7
- Test codejail on Ubuntu 24.04
- apparmor_parser: Warning: unable to find a suitable fs in /proc/mounts, is it mounted? HOT 8
- No Output ! HOT 9
- Does unsafe code raise an exception? HOT 1
- Debian packaging support
- List in README software projects that are using CodeJail
- not_safe_exec should use a subprocess
- No exception raised when testing HOT 1
- Could not execute jailcode
- These octal literals are not Python3 compatible. HOT 1
- Is it possible to run CodeJail on MacOS?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from codejail.