Replies: 16 comments 3 replies
-
We're having a similar issue when trying to run herd from a non-sudoers account. Our organisation has a requirement where day-to-day activities (i.e. web, email) must be carried out on a non-admin account. Developers can have an admin account, but must use it sparingly and not use it by default. Installing from a non-admin account was promising: prompted for an admin username and password. When it came to running the services, the same problem occurred as above happened when trying to start the services; only affecting nginx and dnsmasq. Ideally, we'd like to be prompted for a sudo username and password when starting the services (if sudo is required). |
Beta Was this translation helpful? Give feedback.
-
Same problem nginx won't start logged into my standard account. Works when logged in as admin. |
Beta Was this translation helpful? Give feedback.
-
The same thing is happening to me, if the account is not an admin account you get that error in the logs |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
-
Herd cheaters a sudoers file in /etc/sudoers.d/herd We usually target the "admin" group which by default every Mac user belongs to. |
Beta Was this translation helpful? Give feedback.
-
For security reasons, I decided to use a separate admin account with That's why I'm thinking about how cool it would be if Herd would ask for additional permissions via the admin login window when a user doesn't have enough permissions. Many users like me would be delighted with such a function. |
Beta Was this translation helpful? Give feedback.
-
I am in a similar boat as some of the others here. I am on a locked down corporate laptop. I do have sudo access, but any sudo interactions have to be prompted, but I don't get a change to provide one in herd. I am not able to start Nginx, DNSMasq or FPM. |
Beta Was this translation helpful? Give feedback.
-
Same issue here :/ |
Beta Was this translation helpful? Give feedback.
-
Any updates here? |
Beta Was this translation helpful? Give feedback.
-
We've identified the problem and have a rough idea for a solution but don't know when this will be implemented |
Beta Was this translation helpful? Give feedback.
-
Great that you've managed to identify it. Are you able to share details so that we may look for a potential workaround? Separation of privileged and non-privileged accounts is a pain for us to manage as an organisation. If this could be addressed, we'd have no hesitation in purchasing Herd Pro for all of our developers. |
Beta Was this translation helpful? Give feedback.
-
I don't think there's a workaround. I assume in your setup, the sudoers file exists, but it got written for a different user. We basically allow the herd commands for everyone in the %admin group, which your user is not a part of. |
Beta Was this translation helpful? Give feedback.
-
I have made this a feature request as it's not a bug. The plan is to promt for every interaction that needs admin permissions if the use of the sudoers file fails. |
Beta Was this translation helpful? Give feedback.
-
Rather than using the sudoers configuration, this can be achieved with a Privileged Helper Tool to allow an app to launch services with root permissions using secure XPC calls. For reference, Mist is an open-source Swift App that implements a Privileged Helper Tool using Blessed and SecureXPC to support the Privileged Helper Tool. I hope this is useful - I also work in an organisation where admin/sudo access is gated behind an escalation tool. After uninstalling my Laravel brew/valet environment, I discovered that Herd doesn't work even after escalating my account (due to our escalation tool editing the sudoers file). 😭 |
Beta Was this translation helpful? Give feedback.
-
There's been a bit of a buzz around here, so I'd like to ask if you're already working on a solution and if you have a specific implementation date? |
Beta Was this translation helpful? Give feedback.
-
I'm using Herd on a mac which is under my full controll. None the less I got an error for nginx and dnsmasq all the time. |
Beta Was this translation helpful? Give feedback.
-
Operating system version
macOS Sonoma 14.0
System architecture
ARM64 (M1, M2, etc)
Herd Version
1.3.1
PHP Version
PHP 8.2
Bug description
I have installed herd.
FPM 8.2 runs.
But nginx and dnsmasq wont start.
Logfile says for both: "sudo: a terminal is required to read the password; either use the -S option to read form standard input or configure an askpass helper"
What can i do to start the complete environment?
Steps to reproduce
No response
Relevant log output
No response
Beta Was this translation helpful? Give feedback.
All reactions