>>>>> On 2005-07-28 12:53 PDT, Graham Williams writes:
Graham> After some testing, a problem with the proposed
Graham> solution is that a user may have sudo set up with the
Graham> NOPASSWD option for certain commands. "sudo -v"
Graham> requires the password unconditionally, thus not
Graham> matching the user's configuration.
Good point. Also affects users that cannot run all commands but
only certain commands. I thought about it for a while, and the
only solution I see that preserves NOPASSWD usage is to break the
pipeline up into separate commands, e.g. sudo command1 > tmpfile
&& sudo command2 < tmpfile. (That has the minor advantage that
you can additionally check exit codes in each pipeline component.)
Graham> So I think I need to go back to the specific example
Graham> where the previous behaviour of wajig has a
Graham> problem. could you give me an example of using wajig
Graham> where it has a problem with the previous behaviour.
These functions use root=1 with pipeline: do_hold, do_listnames,
do_unhold, do_update.
--
Karl 2005-07-29 16:14
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
