On Wed, Feb 14, 2007 at 05:20:37AM +0100, Alain Kalker wrote:
> Package: menu
> Version: 2.1.33
> Severity: important
>
> On systems installed such that root cannot login (users have to use
> sudo), menu entries that use su-to-root to start non-X11 programs
> cannot work, because su-to-root tries to use su instead of sudo.
Hello,
As promised, I am working on a new su-to-root script (in attachement)
that support SU_TO_ROOT_SU=sudo
You need to set SU_TO_ROOT_SU=sudo in your .su-to-rootrc.
Please test it on your system, especially in graphic mode.
One possible issue is environment variables that might be clobbered
by sudo (for su, I use su -p to avoid the problem) but I think
it ca be fixed in /etc/sudoers.
Cheers,
--
Bill. <[EMAIL PROTECTED]>
Imagine a large red swirl here.
#!/bin/bash
if test -r ~/.su-to-rootrc; then
. ~/.su-to-rootrc
fi
PRIV=root
COMMAND=
NEEDS=text
gettext=$(which gettext 2>/dev/null)
transl() {
txt="$1";
shift;
if [ -n "$gettext" ]; then
txt="$(gettext su-to-root "$txt")";
fi
printf "$txt" "$@"
}
eshell() {
getent passwd $1 | cut -f7 -d:
}
usage () {
transl 'usage: %s [-X] [-p <user>] -c <command>
-c command: command to execute as a string (mandatory)
-p <user>: user to switch to (default: root)
-X: command is a X11 program\n' $0 >&2
exit 1
}
for i in "$@"; do
case "$prev" in
-p)
PRIV="$i";;
-c)
COMMAND="$i";;
-X)
NEEDS="X11";;
esac
prev="$i"
done
if [ -z "$COMMAND" ] ; then
usage;
fi
euid=$(id -u)
privid=$(id -u $PRIV)
if test "$euid" = "$privid"; then
$COMMAND
else
case $NEEDS in
text)
if test "$euid" != 0; then
transl "About to execute %s.\n" $COMMAND
transl "This command needs %s privileges to be executed.\n" $PRIV
fi
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/bin/X11:/usr/local/sbin:/usr/local/bin
SHELL=`eshell $PRIV`
case $SU_TO_ROOT_SU in
sux) suname=sux; cmd='sux -p "$PRIV" "$COMMAND"';;
sudo) suname=sudo;cmd='sudo -u "$PRIV" "$COMMAND"';;
*) suname=su; cmd='su -p "$PRIV" -c "$COMMAND"';;
esac
transl 'Using %s...\n' $suname
transl 'Enter %s passwd:\n' $PRIV
yesexpr=$(locale yesexpr)
while ! eval $cmd; do
transl 'Incorrect password or command failed. Try again? (y/N)'
read ans
if echo "$ans" | perl -e "<> =~ /$yesexpr/ and exit(1);"; then
exit 1
fi
done;;
X11)
if test -z "$SU_TO_ROOT_X"; then
if which gksu >/dev/null 2>&1 ; then
if test "X$KDE_FULL_SESSION" = "Xtrue" \
&& which kdesu >/dev/null 2>&1 ; then
SU_TO_ROOT_X=kdesu
else
SU_TO_ROOT_X=gksu
fi;
elif which kdesu >/dev/null 2>&1 ; then
SU_TO_ROOT_X=kdesu
elif which sux >/dev/null 2>&1 ; then
SU_TO_ROOT_X=sux
else
SU_TO_ROOT_X=su-to-root
fi
fi
case $SU_TO_ROOT_X in
gksu) gksu -u "$PRIV" "$COMMAND";;
kdesu) kdesu -u "$PRIV" "$COMMAND";;
sux) env SU_TO_ROOT_SU=sux \
x-terminal-emulator -e su-to-root -p "$PRIV" -c "$COMMAND";;
# As a last resort, open a new x-terminal-emulator and prompt for the password
# Do not use -X here!
*) x-terminal-emulator -e su-to-root -p "$PRIV" -c "$COMMAND";;
esac;;
esac
fi
