4

As per this answer, I tried to edit, say, /etc/resolv.conf as a super user on my vagrant box by using the following command:

C-x C-f /vagrant@127.0.0.1#2200|sudo:127.0.0.1#2200:/etc/resolv.conf

But it just opened a file on my local machine, reporting /vagrant@127.0.0.1#2200|sudo:127.0.0.1#2200:/etc/ as my PWD and telling me to use some M-x command to create the directory, since it didn't exist.

Meaning it didn't connect to my vagrant box. But when I type

C-x C-f /vagrant@127.0.0.1#2200:/etc/resolv.conf

It opens the file just fine in a read-only buffer (not using sudo) on my vagrant box.

How does one open a remote file on a vagrant box (note the NAT connection which vagrant uses by default above) with sudo access using Emacs 24.3? (I'm on Fedora 20.)

Community
  • 1
  • 1
djhaskin987
  • 9,741
  • 4
  • 50
  • 86
  • 1
    What's your value for `tramp-default-method`? Try specifying `ssh` explicitly as follows: `/ssh:vagrant@localhost#2222|sudo:localhost#2222:/etc/resolv.conf` – Carl Groner Nov 19 '14 at 22:58

2 Answers2

4

The #port syntax is only supported for SSH-based connection types, so it's confusing the sudo hop. You could try something like

/ssh:127.0.0.1#2222|sudo:127.0.0.1:/etc/resolv.conf

but this has the same problem outlined in the answer you linked: the HOST for the dynamic proxy entry will now be 127.0.0.1, which is your local system, which prevents /sudo:: from working locally.

You can avoid this by giving your Vagrant machine a name.

This is almost trivial if you add an entry to ~/.ssh/config, e.g.

Host vagrant
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile /home/chris/.vagrant.d/insecure_private_key
IdentitiesOnly yes
LogLevel FATAL
ForwardAgent yes
ForwardX11 yes

and then use C-x C-f /ssh:vagrant|sudo:vagrant:/etc/resolv.conf. This has the added benefit of being much shorter to type.

The configuration block came from vagrant ssh-config.

Community
  • 1
  • 1
ChrisGPT was on strike
  • 127,765
  • 105
  • 273
  • 257
  • Great tip. Fixing the port in ssh config can be a problem if you have a lot of Vagrant VMs that change their listening port around to avoid conflicting. – cms Nov 20 '14 at 14:39
  • @cms, true. I only ever have a single Vagrant instance running, so this isn't a problem for me. Unfortunately, the way TRAMP's dynamic proxies work makes doing this all dynamically very difficult... I haven't been able to get `localhost#2222` working in the `sudo` step as you suggested (using TRAMP 2.2.11-pre on an Emacs trunk build). – ChrisGPT was on strike Nov 20 '14 at 15:00
  • 1
    I can edit sudo buffers using #port on both hops, as per my edited answer without breaking /sudo::/ for localhost sudo edits, fwiw. – cms Nov 20 '14 at 15:01
0

Works for me ok if I use something like 

/ssh:vagrant@localhost#2222|sudo:root@localhost#2222:/etc/hosts

as the path. I think the only difference to your recipe is the ssh: method explicitly included as suggested by @Carl Groner in the comment

Updated I previously suggested leaving the hostname for the sudo part empty, but it turns out that this is rather a bad idea, as pointed out by @Chris in the comments. I also agree with his point that #port is really only intended to work with ssh method tramp paths, and this is probably better avoided.

I think the best way to do this is to either use his clever suggestion to set up an ssh alias for the vagrant machine in .ssh/config , or alternatively - add your authorized ssh public key to the root account for vagrant machine - and use a single hop to edit as root e.g. 

/ssh:root@192.168.100.10:/etc/hosts

avoiding the multi complexity entirely.

This is how I manage my vagrant edits. I configure my vagrant machines to have a private network address with config.vm.network "private_network" , ip: 192.168.100.10, and for non-ephemeral machines like development vms, I add this IP to my hosts file. ( you could also add an ssh alias for this host address into .ssh/config, as per below). I then put my own ssh pubkey into ~root/.ssh/authorized_keys , either manually or using provisioning.

Obviously this involves more vagrant configuration, but keeps the complexity away from tramp, because I'm on standard port 22 and using basic ssh: method paths.

Community
  • 1
  • 1
cms
  • 5,864
  • 2
  • 28
  • 31
  • 2
    As mentioned in [the answer the OP linked](http://stackoverflow.com/questions/2177687/open-file-via-ssh-and-sudo-with-emacs/16408592#16408592), it is important to specify the host on that second hop. IMO the biggest problem is that "any subsequent attempt to use `sudo::` on your localhost will instead be proxied to the remote server". Read the "Always specify the remote hostname explicitly" section in that answer for more details. – ChrisGPT was on strike Nov 20 '14 at 14:21
  • Also, thanks for the hosts file tip, but the whole reason I use vagrant is so that I can tear down machines and make new ones all the time :P – djhaskin987 Nov 20 '14 at 17:34
  • 1
    @djhaskin987 sure - me too! the hosts file only needs to point at IP addresses though, so if you assign a set of known IPs you use for different classes of machine, it's workable. Or just use the IP – cms Nov 20 '14 at 19:15