richard richard - 1 month ago 13
Linux Question

ElasticBeanstalk - Adding ec2-user to another group

I have a cron job that needs to be run under

ec2-user
on my EC2 instance and it needs to be able to write to the standard log files for my web app. However, the log files are owned by
webapp
(as per normal).

I've successfully changed the permissions on the log files so that they are accessible by both the owner and the group
webapp:webapp
. But where I'm running into trouble is when I try to add the
ec2-user
to the
webapp
group.

I can do it fine in SSH with
sudo usermod -a -G webapp ec2-user
but when I try to add this command via EB container-commands, I get an error saying that
you must have a tty to run sudo
. Running the command without sudo gives me
/bin/sh: usermod: command not found
.

Anybody know of any other way to be able to add
ec2-user
to the
webapp
group via the Elastic Beanstalk deployment config.

Answer

You need to run this command from a container_command before executing any commands with sudo:

echo Defaults:root \!requiretty >> /etc/sudoers

In context (in .ebextensions/yourconf.config)

container_commands:
  001-enableroot:
    command: echo Defaults:root \!requiretty >> /etc/sudoers #disables error related to needing a tty for sudo, allows running without cli