Received Sat 30 Jul 2005 9:45am +1000 from Karl Chen: > >>>>> On 2005-07-28 12:53 PDT, Graham Williams writes: > > Graham> After some testing, a problem with the proposed > Graham> solution is that a user may have sudo set up with the > Graham> NOPASSWD option for certain commands. "sudo -v" > Graham> requires the password unconditionally, thus not > Graham> matching the user's configuration. > > Good point. Also affects users that cannot run all commands but > only certain commands. I thought about it for a while, and the > only solution I see that preserves NOPASSWD usage is to break the > pipeline up into separate commands, e.g. sudo command1 > tmpfile > && sudo command2 < tmpfile. (That has the minor advantage that > you can additionally check exit codes in each pipeline component.)
Thanks Karl. I'll have another think about this. Perhaps the tmpfiles is a solution. > Graham> So I think I need to go back to the specific example > Graham> where the previous behaviour of wajig has a > Graham> problem. could you give me an example of using wajig > Graham> where it has a problem with the previous behaviour. > > These functions use root=1 with pipeline: do_hold, do_listnames, > do_unhold, do_update. Thanks. But I was more wondering how the problem manifests itself. What happened that caused you to submit a bug report? I don't think I've ever noticed a problem with these pipes. Regards, Graham -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
