Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: do not hard depend on sudo being installed #671

Merged
merged 1 commit into from
Sep 28, 2024
Merged

fix: do not hard depend on sudo being installed #671

merged 1 commit into from
Sep 28, 2024

Conversation

plurpio
Copy link
Contributor

@plurpio plurpio commented Sep 25, 2024

Type of Change

  • New feature
  • Bug fix
  • Documentation update
  • Refactoring
  • Hotfix
  • Security patch
  • UI/UX improvement

Description

the checkCommandRequirements function under checkEnv function in common-script.sh hard-depended on sudo, although doas could be picked as an $ESCALATION_TOOL.

Testing

I activated acouple of the scripts from with the UI, there was no error for not having sudo on my sudo-less system anymore.

Impact

Allows doas to properly be used as an escalation tool now.

Issues / other PRs related

Additional Information

Checklist

  • My code adheres to the coding and style guidelines of the project.
  • I have performed a self-review of my own code.
  • I have commented my code, particularly in hard-to-understand areas.
  • I have made corresponding changes to the documentation.
  • My changes generate no errors/warnings/merge conflicts.

@plurpio
fix: do not hard depend on sudo being installed
466f875 
similar to #193
the checkCommandRequirements function under checkEnv hard-depended on
sudo, although doas can be picked as an $ESCALATION_TOOL.
nnyyxxxx
nnyyxxxx reviewed Sep 25, 2024
View reviewed changes
core/tabs/common-script.sh
@@ -125,11 +125,11 @@ checkDistro() {
}

checkEnv() {
checkCommandRequirements 'curl groups sudo'
checkEscalationTool

This comment was marked as outdated.

Sign in to view

nnyyxxxx
nnyyxxxx reviewed Sep 25, 2024
View reviewed changes
core/tabs/common-script.sh
checkPackageManager 'nala apt-get dnf pacman zypper'
checkCurrentDirectoryWritable
checkSuperUser
checkDistro
checkEscalationTool

This comment was marked as outdated.

Sign in to view

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It was not removed, just reordered.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It was not removed, just reordered.

oops, was really tired when i typed that lol

nnyyxxxx
nnyyxxxx reviewed Sep 25, 2024
View reviewed changes
core/tabs/common-script.sh
@@ -125,11 +125,11 @@ checkDistro() {
}

checkEnv() {
checkCommandRequirements 'curl groups sudo'
checkEscalationTool
checkCommandRequirements "curl groups $ESCALATION_TOOL"

This comment was marked as outdated.

Sign in to view

This comment was marked as outdated.

Sign in to view

This comment was marked as outdated.

Sign in to view

This comment was marked as outdated.

Sign in to view

Copy link
Contributor

@cartercanedy cartercanedy Sep 25, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if we're starting to broach the topic of advanced privilege escalation tools, you should also look at refactoring this:

linutil/core/tabs/common-script.sh

Lines 91 to 107 in 466f875

checkSuperUser() {
## Check SuperUser Group
SUPERUSERGROUP='wheel sudo root'
for sug in ${SUPERUSERGROUP}; do
if groups | grep -q "${sug}"; then
SUGROUP=${sug}
printf "%b\n" "${CYAN}Super user group ${SUGROUP}${RC}"
break
fi
done
## Check if member of the sudo group.
if ! groups | grep -q "${SUGROUP}"; then
printf "%b\n" "${RED}You need to be a member of the sudo group to run me!${RC}"
exit 1
fi
}

doas might be configured to use wheel group over sudo group for privilege checks

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Both doas and sudo have commands for checking the current user's permission to run commands as root.

  • sudo --validate
  • doas -C /etc/doas.conf echo # requires a command and configuration file to be passed

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

btw both of these need to be interactive so they aren't really an option.

@ChrisTitusTech ChrisTitusTech merged commit 97b7d28 into ChrisTitusTech:main Sep 28, 2024
2 checks passed
@ChrisTitusTech ChrisTitusTech added the bug Something isn't working label Sep 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cartercanedy cartercanedy cartercanedy left review comments

@adamperkowski adamperkowski adamperkowski approved these changes

@nnyyxxxx nnyyxxxx nnyyxxxx approved these changes

@ChrisTitusTech ChrisTitusTech ChrisTitusTech approved these changes

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@plurpio @ChrisTitusTech @adamperkowski @cartercanedy @nnyyxxxx