From 3ccfc799c6e1bcc3c0b282797267a65aa7e4c714 Mon Sep 17 00:00:00 2001 From: Chris Koeritz Date: Mon, 1 Jun 2020 10:19:23 -0400 Subject: [PATCH] simplified sudo function tossed out a lot of my changes after discovering the -i option to sudo, which starts a legitimate fresh shell of the type i needed. now, the only weirdity i have to deal with is that the PATH variable still seems to be passed in from sudo even though i've asked for that fresh shell. setting it to null prior to doing the sudo fixes that. works a bit better now. --- scripts/core/functions.sh | 37 +++++++++++++++++++------ scripts/core/reconfigure_feisty_meow.sh | 5 ++-- scripts/core/variables.sh | 3 +- 3 files changed, 33 insertions(+), 12 deletions(-) diff --git a/scripts/core/functions.sh b/scripts/core/functions.sh index baf8a1ea..3a2151b1 100644 --- a/scripts/core/functions.sh +++ b/scripts/core/functions.sh @@ -407,23 +407,44 @@ if [ -z "$skip_all" ]; then } # this function wraps the normal sudo by ensuring we replace the terminal - # label before we launch what they're passing to sudo. we also ensure that - # the feisty meow environment is recreated; normal subshells don't need - # this, but when switching identity with sudo, it seems important. yet, - # we also don't want to hose up their normal sudo actions, such as passing - # along the current environment, should the user choose. + # label before we launch what they're passing to sudo. we also preserve + # specific variables that enable the main user's ssh credentials to still + # be relied on for ssh forwarding, even if the '-i' flag is passed to cause + # a fresh shell (which normally doesn't get the launching user's environment + # variables). + +##questioning our approach: we also ensure that +# # the feisty meow environment is recreated; normal subshells don't need +# # this, but when switching identity with sudo, it seems important. yet, +# # we also don't want to hose up their normal sudo actions, such as passing +# # along the current environment, should the user choose. + function sudo() { save_terminal_title + # hoist our X authorization info in case environment is passed along; - # this can allow root to use our display to show Xorg windows. - if [ ! -z "$DISPLAY" ]; then + # this can allow root to use our display to show X.org windows. + if [ -z "$IMPORTED_XAUTH" -a ! -z "$DISPLAY" ]; then export IMPORTED_XAUTH="$(xauth list $DISPLAY | head -n 1 | awk '{print $3}')" fi + + # launch sudo with just the variables we want to reach the other side. + # we take an extra step to null out the PATH, since MacOS seems to want + # to pass that even for a login shell (-i) somehow. + PATH= /usr/bin/sudo --preserve-env=SSH_AUTH_SOCK,IMPORTED_XAUTH "$@" +#"SSH_AUTH_SOCK='$SSH_AUTH_SOCK'" "IMPORTED_XAUTH='$IMPORTED_XAUTH'" "$@" + retval=$? + + unset IMPORTED_XAUTH + restore_terminal_title + return $retval + +##potential boneyard: # prep a simple command string here, rather than messing with arguments # in the already complicated command below. i was seeing some really # screwy behavior trying to expand $@ when embedded for the bash -c flag, # but making the variable ahead of time gets rid of that. - cmd="/usr/bin/sudo ""$@" + cmd="/usr/bin/sudo --preserve-env=SSH_AUTH_SOCK,IMPORTED_XAUTH ""$@" # omit any variables that are either wrong for a different user or used # to shield the feisty meow scripts from reconfiguring. when we do the diff --git a/scripts/core/reconfigure_feisty_meow.sh b/scripts/core/reconfigure_feisty_meow.sh index 716e97be..b7e5dda0 100644 --- a/scripts/core/reconfigure_feisty_meow.sh +++ b/scripts/core/reconfigure_feisty_meow.sh @@ -51,10 +51,9 @@ export PERLLIB=$(echo $PERLLIB | sed -e "s?\([:]*\)\([^:]*feisty_meow[^:]*\)\([: PERLLIB=$PERLLIB:"$FEISTY_MEOW_SCRIPTS/core":"$FEISTY_MEOW_SCRIPTS/files":"$FEISTY_MEOW_SCRIPTS/generator" PERL5LIB=$PERLLIB #echo PERLLIB after modification is $PERLLIB + # make toast out of generated files right away, but leave any custom scripts. -\rm "$FEISTY_MEOW_LOADING_DOCK"/fmc_* -#NO! find "$FEISTY_MEOW_LOADING_DOCK" -maxdepth 1 -type f -exec perl "$FEISTY_MEOW_SCRIPTS/files/safedel.pl" "{}" ';' -# &>/dev/null +\rm -f "$FEISTY_MEOW_LOADING_DOCK"/fmc_* ## #no, old: ## if [ ! -d "$FEISTY_MEOW_LOADING_DOCK/custom" ]; then diff --git a/scripts/core/variables.sh b/scripts/core/variables.sh index 333598ad..8c21424f 100644 --- a/scripts/core/variables.sh +++ b/scripts/core/variables.sh @@ -288,7 +288,8 @@ define_yeti_variable DEFAULT_FEISTYMEOW_ORG_DIR=/opt/feistymeow.org # add to the PATH variables used for locating applications. this step is taken after any # potential overrides from the user. - define_yeti_variable PATH="$(dos_to_unix_path $FEISTY_MEOW_LOADING_DOCK):$PATH:$(find /usr/local/games -maxdepth 1 -type d -exec echo -n {}: ';' 2>/dev/null)/sbin" +#old: define_yeti_variable PATH="$(dos_to_unix_path $FEISTY_MEOW_LOADING_DOCK):$PATH:$(find /usr/local/games -maxdepth 1 -type d -exec echo -n {}: ';' 2>/dev/null)/sbin" + define_yeti_variable PATH="$PATH:$(find /usr/local/games -maxdepth 1 -type d -exec echo -n {}: ';' 2>/dev/null)/sbin" ############## -- 2.34.1