>>>>> On 2005-07-27 02:56 PDT, Graham Williams writes:
>> For some wajig commands, wajig executes "sudo command1 |
>> sudo command 2...", which is impossible to authenticate
>> properly. Doing a "sudo -v" before any pipeline solves it.
Graham> Thanks for the bug report Karl. Yes, this seems like
Graham> it could be a problem. I've had a look for places
Graham> where I might be doing such a pipe. Do you have any
Graham> examples where this arises?
Well, there are a couple solutions. The following patch does a
`sudo -v' before every command requiring sudo, even if there is no
pipeline. But you could check for pipeline first if you wish.
The additional advantage of doing it even without pipeline is that
if sudo authentication fails, currently wajig confuses it with a
failure in the invocation of the command.
--- perform.py.orig 2005-07-27 14:02:25.000000000 -0700
+++ perform.py 2005-07-27 14:08:42.000000000 -0700
@@ -118,8 +118,16 @@
print command
if root > 0:
if setroot == "/usr/bin/sudo":
+ # Verify sudo authentication -- this forces the timestamp, which
+ # is necessary if the command contains a pipeline, and also
+ # avoids mixing up sudo password failures and other failures.
+ #if command.find("|") != -1:
+ if 0 != os.system(setroot + " -v"):
+ raise SystemExit("wajig: sudo authentication failed.")
# If the command contains a pipe, and requires root,
# each part must be sudo.
+ # TODO: That's not always true! Sometimes root is not needed,
+ # e.g. wajig hold does: echo package hold | dpkg --set-selections
command = setroot + " " + command.replace("|", "| %s " % setroot)
else:
if quiet == "" and user != "root":
--
Karl 2005-07-27 13:58
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
