We use cookies to ensure you get the best experience on our website
Home Verkennen Help
Registreren Inloggen
0ct0pu5
/
ladybird
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Bladeren bron

Meta: Don't depend on sudo for privileged operations

We previously depended on sudo's specific -E flag to keep all the
environment variables when performing a privilege escalation. We now
incorporate the -E flag into the $SUDO variable, allowing for other
privilege escalation binaries (such as doas) to be used (as long as
they preserve the current environment variables).
Baitinq 2 jaren geleden
bovenliggende
7a51e846b2
commit
88c9e4f3b0
6 gewijzigde bestanden met toevoegingen van 10 en 7 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. 5 2
      Meta/.shell_include.sh
  2. 1 1
      Meta/build-image-extlinux.sh
  3. 1 1
      Meta/build-image-grub.sh
  4. 1 1
      Meta/build-image-limine.sh
  5. 1 1
      Meta/build-image-qemu.sh
  6. 1 1
      Meta/build-native-partition.sh

+ 5 - 2
Meta/.shell_include.sh
Bestand weergeven 

@@ -3,10 +3,13 @@
 
 # SC2034: "Variable appears unused. Verify it or export it."
 
 #         Those are intentional here, as the file is meant to be included elsewhere.
 
 
-SUDO="sudo"
 
+# NOTE: If using another privilege escalation binary make sure it is configured or has the appropiate flag
 
+#       to keep the current environment variables in the launched process (in sudo's case this is achieved
 
+#       through the -E flag described in sudo(8).
 
+SUDO="sudo -E"
 
 
 if [ "$(uname -s)" = "SerenityOS" ]; then
 
-    SUDO="pls"
 
+    SUDO="pls -E"
 
 fi
 
 
 die() {

+ 1 - 1
Meta/build-image-extlinux.sh
Bestand weergeven 

@@ -8,7 +8,7 @@ script_path=$(cd -P -- "$(dirname -- "$0")" && pwd -P)
 
 
 if [ "$(id -u)" != 0 ]; then
 
     set +e
 
-    ${SUDO} -E -- sh -c "\"$0\" $* || exit 42"
 
+    ${SUDO} -- sh -c "\"$0\" $* || exit 42"
 
     case $? in
 
         1)
 
             die "this script needs to run as root"

+ 1 - 1
Meta/build-image-grub.sh
Bestand weergeven 

@@ -8,7 +8,7 @@ script_path=$(cd -P -- "$(dirname -- "$0")" && pwd -P)
 
 
 if [ "$(id -u)" != 0 ]; then
 
     set +e
 
-    ${SUDO} -E -- sh -c "\"$0\" $* || exit 42"
 
+    ${SUDO} -- sh -c "\"$0\" $* || exit 42"
 
     case $? in
 
         1)
 
             die "this script needs to run as root"

+ 1 - 1
Meta/build-image-limine.sh
Bestand weergeven 

@@ -17,7 +17,7 @@ fi
 
 
 if [ "$(id -u)" != 0 ]; then
 
     set +e
 
-    ${SUDO} -E -- sh -c "\"$0\" $* || exit 42"
 
+    ${SUDO} -- sh -c "\"$0\" $* || exit 42"
 
     case $? in
 
         1)
 
             die "this script needs to run as root"

+ 1 - 1
Meta/build-image-qemu.sh
Bestand weergeven 

@@ -25,7 +25,7 @@ if [ "$(id -u)" != 0 ]; then
 
         USE_FUSE2FS=1
 
     else
 
         set +e
 
-        ${SUDO} -E -- sh -c "\"$0\" $* || exit 42"
 
+        ${SUDO} -- sh -c "\"$0\" $* || exit 42"
 
         case $? in
 
             1)
 
                 die "this script needs to run as root"

+ 1 - 1
Meta/build-native-partition.sh
Bestand weergeven 

@@ -16,7 +16,7 @@ cleanup() {
 
 
 if [ "$(id -u)" != 0 ]; then
 
     set +e
 
-    ${SUDO} -E -- sh -c "\"$0\" $* || exit 42"
 
+    ${SUDO} -- sh -c "\"$0\" $* || exit 42"
 
     case $? in
 
         1)
 
             die "this script needs to run as root"

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5