Any Update about the error:
child_process.js:651 Uncaught Error: Command failed: sudo --askpass /bin/sh -c open .
sudo: sorry, you must have a tty to run sudo
at checkExecSyncError (child_process.js:630)
at Object.execFileSync (child_process.js:648)
at Object.func [as execFileSync] (electron/js2c/asar.js:140)
at :2:4
Hey there,
Just to confirm, were you able to run the commands in the etcher developer tools console?
const cp = require('child_process');
cp.execFileSync('sudo', ['--askpass', '/bin/sh', '-c', 'open .'], {env: {SUDO_ASKPASS: '/Applications/balenaEtcher.app/Contents/Resources/app/lib/shared/catalina-sudo/sudo-askpass.osascript.js'}})
Hello again!
Upon further investigation, it looks like you are running into this issue because of the added security measures you mentioned. sudo now requires a tty to be able to run. maybe you can try changing the sudoers file with Defaults !requiretty (source: https://apassionatechie.wordpress.com/2018/02/14/sudo-sorry-you-must-have-a-tty-to-run-sudo/)
Let us know if this works
This is working. But because of compliance and CIS Benchmarks it is no useable option.
How can we set an exception for etcher in sudoers?
Hi,
you can override the default per-user:
Defaults:username !requiretty
or per-program:
Defaults!/path/to/etcher !requiretty
Please let us know whether this solves your problem.
Defaults requiretty
Defaults!/path/to/etcher !requiretty
This combination is not working. How can I set requiretty for all, but not for etcher?
Hi, could you please share the /etc/sudoers file you are using?
Note than in the pseudo-code /path/to/etcher should be replaced by the actual path to the etcher binary.
Defaults env_reset
Defaults env_reset,timestamp_timeout=0
Defaults tty_tickets
Defaults!/Applications/balenaEtcher.app/Contents/MacOS/balenaEtcher !requiretty
Defaults env_keep += “BLOCKSIZE”
Defaults env_keep += “COLORFGBG COLORTERM”
Defaults env_keep += “__CF_USER_TEXT_ENCODING”
Defaults env_keep += “CHARSET LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE”
Defaults env_keep += “LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME”
Defaults env_keep += “LINES COLUMNS”
Defaults env_keep += “LSCOLORS”
Defaults env_keep += “SSH_AUTH_SOCK”
Defaults env_keep += “TZ”
Defaults env_keep += “DISPLAY XAUTHORIZATION XAUTHORITY”
Defaults env_keep += “EDITOR VISUAL”
Defaults env_keep += “HOME MAIL”
Defaults lecture_file = “/etc/sudo_lecture”
…
But I would need this
Defaults env_reset
Defaults env_reset,timestamp_timeout=0
Defaults tty_tickets
Defaults requiretty
Defaults!/Applications/balenaEtcher.app/Contents/MacOS/balenaEtcher !requiretty
Defaults env_keep += “BLOCKSIZE”
Defaults env_keep += “COLORFGBG COLORTERM”
Defaults env_keep += “__CF_USER_TEXT_ENCODING”
Defaults env_keep += “CHARSET LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE”
Defaults env_keep += “LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME”
Defaults env_keep += “LINES COLUMNS”
Defaults env_keep += “LSCOLORS”
Defaults env_keep += “SSH_AUTH_SOCK”
Defaults env_keep += “TZ”
Defaults env_keep += “DISPLAY XAUTHORIZATION XAUTHORITY”
Defaults env_keep += “EDITOR VISUAL”
Defaults env_keep += “HOME MAIL”
Defaults lecture_file = “/etc/sudo_lecture”
The command is run through sh: https://github.com/balena-io/etcher/blob/master/lib/shared/catalina-sudo/sudo.ts#L34 , try disabling requiretty for /bin/sh.
I’m trying to create a TAILS external hd for my 2020 MacBook Pro, running Catalina 10.15.6. Can someone give me instructions on how to do it, using Etcher? Documentation seem to be pre-APFS.
@bill.mccrosky I see they have some instructions on https://tails.boum.org/install/mac/usb-overview/index.en.html but they look a bit outdated so I’m not too sure. Have you tried following them and/or looking for a more up-to-date guide?
Besides that, it’s better to open a new thread on the forums since it’s a different issue.
Yes I’ve followed those directions. I’ll start a new thread.