[RESOLVED] Permissions for knife bootstrap

I want to bootstrap new node but get permission error. I feel like there is some tupo but I can’t get where.
my_user has sudo privileges.

ssh my_user@ubuntu16.lab
my_user@ubuntu16.lab’s password:
my_user@ubuntu16:~$ cat /etc/group | grep sudo

knife bootstrap ubuntu16.lab -x my_user -P --sudo --use-sudo-password
Doing old-style registration with the validation key at /home/pzab/chef/.chef/chef-validator.pem…
Delete your validation key in order to use your user credentials instead

Connecting to ubuntu16.lab
my_user@ubuntu16.lab’s password:
ubuntu16.lab -----> Installing Chef Omnibus (-v 12)
ubuntu16.lab downloading https://omnitruck-direct.chef.io/chef/install.sh
ubuntu16.lab to file /tmp/install.sh.19685/install.sh
ubuntu16.lab trying wget…
ubuntu16.lab ubuntu 16.04 x86_64
ubuntu16.lab Getting information for chef stable 12 for ubuntu…
ubuntu16.lab downloading https://omnitruck-direct.chef.io/stable/chef/metadata?v=12&p=ubuntu&pv=16.04&m=x86_64
ubuntu16.lab to file /tmp/install.sh.19690/metadata.txt
ubuntu16.lab trying wget…
ubuntu16.lab sha1 a8c749bfde759692abdd98ae1b841ad089fe5461
ubuntu16.lab sha256 4fdabf0ae37c999795bef5e97133c1b78182129edec28c17ccf9ca6661dcc754
ubuntu16.lab url https://packages.chef.io/files/stable/chef/12.18.31/ubuntu/16.04/chef_12.18.31-1_amd64.deb
ubuntu16.lab version 12.18.31
ubuntu16.lab downloaded metadata file looks valid…
ubuntu16.lab downloading https://packages.chef.io/files/stable/chef/12.18.31/ubuntu/16.04/chef_12.18.31-1_amd64.deb
ubuntu16.lab to file /tmp/install.sh.19690/chef_12.18.31-1_amd64.deb
ubuntu16.lab trying wget…
ubuntu16.lab Comparing checksum with sha256sum…
ubuntu16.lab Installing chef 12
ubuntu16.lab installing with dpkg…
ubuntu16.lab dpkg: error: requested operation requires superuser privilege
ubuntu16.lab Installation failed
ubuntu16.lab Version: 12

The knife bootstrap command looks a little wrong. Have you tried the following?

# Remove the '--node-ssl-verify-mode none' if you have got SSL working properly
knife bootstrap NodeName -x MyUser -P 'MyPass' -N RegisteredNodeName --sudo  --node-ssl-verify-mode none

Also, if you are using the --use-sudo-password - It might be prudent to have a read of the chef documentation for knife bootstrap as it seems that you still need to provide some data to the -P switch? Here is the knife bootstrap man page from chef.

1 Like

This helped, thanks. Before it wasn’t mandatory.

Great to hear - Have a good day.