X-Git-Url: https://feistymeow.org/gitweb/?a=blobdiff_plain;f=scripts%2Fcore%2Ffunctions.sh;h=3a2151b1f22a68814e360c62ecb334df16851911;hb=eb5aaa6fdd69119c1f15831368a8618b04fd2bf6;hp=7876fb90908617b9ee79e435f85edd8bd16bde0a;hpb=da723ece2de56b2542158c060d98923a6b6e2850;p=feisty_meow.git diff --git a/scripts/core/functions.sh b/scripts/core/functions.sh index 7876fb90..3a2151b1 100644 --- a/scripts/core/functions.sh +++ b/scripts/core/functions.sh @@ -355,22 +355,6 @@ if [ -z "$skip_all" ]; then done } -#hmmm: not really doing anything yet; ubuntu seems to have changed from pulseaudio in 17.04? - # restarts the sound driver. - function fix_sound_driver() { - # stop bash complaining about blank function body. - local nothing= -#if alsa something -# sudo service alsasound restart -#elif pulse something -# sudo pulseaudio -k -# sudo pulseaudio -D -#else -# something else...? -#fi - - } - function screen() { save_terminal_title #hmmm: ugly absolute path here. @@ -422,49 +406,45 @@ if [ -z "$skip_all" ]; then fi } -#bork # su function: makes su perform a login. -#bork # for some OSes, this transfers the X authority information to the new login. -#bork function su() { -#bork if debian_like; then -#bork # debian currently requires the full version which imports X authority -#bork # information for su. -#bork -#bork # get the x authority info for our current user. -#bork source "$FEISTY_MEOW_SCRIPTS/security/get_x_auth.sh" -#bork -#bork if [ -z "$X_auth_info" ]; then -#bork # if there's no authentication info to pass along, we just do a normal su. -#bork /bin/su -l $* -#bork else -#bork # under X, we update the new login's authority info with the previous -#bork # user's info. -#bork (unset XAUTHORITY; /bin/su -l $* -c "$X_auth_info ; export DISPLAY=$DISPLAY ; bash") -#bork fi -#bork else -#bork # non-debian supposedly doesn't need the extra overhead any more. -#bork # or at least suse doesn't, which is the other one we've tested on. -#bork /bin/su -l $* -#bork fi -#bork } - # this function wraps the normal sudo by ensuring we replace the terminal - # label before we launch what they're passing to sudo. we also ensure that - # the feisty meow environment is recreated; normal subshells don't need - # this, but when switching identity with sudo, it seems important. yet, - # we also don't want to hose up their normal sudo actions, such as passing - # along the current environment, should the user choose. + # label before we launch what they're passing to sudo. we also preserve + # specific variables that enable the main user's ssh credentials to still + # be relied on for ssh forwarding, even if the '-i' flag is passed to cause + # a fresh shell (which normally doesn't get the launching user's environment + # variables). + +##questioning our approach: we also ensure that +# # the feisty meow environment is recreated; normal subshells don't need +# # this, but when switching identity with sudo, it seems important. yet, +# # we also don't want to hose up their normal sudo actions, such as passing +# # along the current environment, should the user choose. + function sudo() { save_terminal_title + # hoist our X authorization info in case environment is passed along; - # this can allow root to use our display to show Xorg windows. - if [ ! -z "$DISPLAY" ]; then + # this can allow root to use our display to show X.org windows. + if [ -z "$IMPORTED_XAUTH" -a ! -z "$DISPLAY" ]; then export IMPORTED_XAUTH="$(xauth list $DISPLAY | head -n 1 | awk '{print $3}')" fi + + # launch sudo with just the variables we want to reach the other side. + # we take an extra step to null out the PATH, since MacOS seems to want + # to pass that even for a login shell (-i) somehow. + PATH= /usr/bin/sudo --preserve-env=SSH_AUTH_SOCK,IMPORTED_XAUTH "$@" +#"SSH_AUTH_SOCK='$SSH_AUTH_SOCK'" "IMPORTED_XAUTH='$IMPORTED_XAUTH'" "$@" + retval=$? + + unset IMPORTED_XAUTH + restore_terminal_title + return $retval + +##potential boneyard: # prep a simple command string here, rather than messing with arguments # in the already complicated command below. i was seeing some really # screwy behavior trying to expand $@ when embedded for the bash -c flag, # but making the variable ahead of time gets rid of that. - cmd="/usr/bin/sudo ""$@" + cmd="/usr/bin/sudo --preserve-env=SSH_AUTH_SOCK,IMPORTED_XAUTH ""$@" # omit any variables that are either wrong for a different user or used # to shield the feisty meow scripts from reconfiguring. when we do the @@ -474,10 +454,11 @@ if [ -z "$skip_all" ]; then # aliases). we turn off the expand_aliases shell option to avoid passing # the sentinel, which ensures aliases do get recreated for the new user. BUILD_VARS_LOADED= \ - CORE_VARIABLES_LOADED= \ - FEISTY_MEOW_SCRIPTS_LOADED= \ - function_sentinel= \ - MAIL= \ + CORE_VARIABLES_LOADED= \ + FEISTY_MEOW_SCRIPTS_LOADED= \ + function_sentinel= \ + MAIL= \ + HOME= \ bash +O expand_aliases -c "$cmd" retval=$? restore_terminal_title @@ -988,6 +969,28 @@ return 0 ############## + # you have hit the borderline functional zone... + +#hmmm: not really doing anything yet; ubuntu seems to have changed from pulseaudio in 17.04? + # restarts the sound driver. + function fix_sound_driver() { + # stop bash complaining about blank function body. + local nothing= +#if alsa something +# sudo service alsasound restart +#elif pulse something +# sudo pulseaudio -k +# sudo pulseaudio -D +#else +# something else...? +#fi + + } + + # ...and here's the end of the borderline functional zone. + + ############## + # NOTE: no more function definitions are allowed after this point. function function_sentinel()