Execute commands with sudo

Hi, I have a GitHub action set on self hosted Ubuntu VPS on Linode.
I ran sudo ./svc.sh install and then ./svc.sh start. The runner is up and working but I have a command in my yaml file that needs to run as sudo. I have this command in sudoers file to run without sudo
%sudo ALL= NOPASSWD: /bin/systemctl restart twentydb.service
But still when I push on the server the following error occurs.
sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper

  • name: restart the service
    run: |
    sudo systemctl restart twentydb

Please help, thanks. I also need to setup 2 more runners on the same server and same setup.

The command in your workflow file is not the same as the one in your sudoers file, sudo doesn’t know they are functionally equivalent. Use twentydb.service in the workflow, too.

Also, is the user your runner runs as in the sudo group? If not, that entry won’t apply to it. However I’d suggest using a separate entry for the user rather than adding the runner to the sudo group.

Yes, thanks for pointing that out, everything works as expected now, is it permissible to run two more runners in the same account and VPS? Also

However, I’d suggest using a separate entry for the user rather than adding the runner to the sudo group.

I didn’t get that advice, could you please elaborate a little?

It’s a security rule to give each process as little rights as possible, to minimize the damage in case of compromise or bugs. On most systems adding the runner to the sudo group will also give it general sudo rights (with password), and the rule above will give any other user in the group the right to restart the twentydb service without giving a password. This is not the most critical example for that rule (though that depends on the setup of your VPS), but it’s still a good idea to follow it. :slightly_smiling_face:

Regarding the questions about runner details I hope someone with experience on that matter can chip in.