From 67817fe26d4d87bbec1964dae21188387c47bca2 Mon Sep 17 00:00:00 2001 From: Gerald Pinder Date: Fri, 21 Mar 2025 12:30:46 -0400 Subject: [PATCH] Fix some logic errors when checking whether or not we need sudo --- Cargo.lock | 1 - Cargo.toml | 1 - process/signal_handler.rs | 8 ++++---- src/commands/generate_iso.rs | 8 +------- src/commands/switch.rs | 30 +++++++++--------------------- 5 files changed, 14 insertions(+), 34 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 8c36278..8a64e3d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -410,7 +410,6 @@ dependencies = [ "jsonschema", "log", "miette", - "nix", "oci-distribution", "open", "os_info", diff --git a/Cargo.toml b/Cargo.toml index 409fb6c..e18a37c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -92,7 +92,6 @@ indexmap.workspace = true indicatif.workspace = true log.workspace = true miette = { workspace = true, features = ["fancy", "syntect-highlighter"] } -nix = { workspace = true, features = ["user"] } oci-distribution.workspace = true reqwest.workspace = true semver.workspace = true diff --git a/process/signal_handler.rs b/process/signal_handler.rs index 7cfcea9..a33bbcd 100644 --- a/process/signal_handler.rs +++ b/process/signal_handler.rs @@ -6,7 +6,7 @@ use std::{ thread, }; -use blue_build_utils::{constants::SUDO_ASKPASS, has_env_var}; +use blue_build_utils::{constants::SUDO_ASKPASS, has_env_var, running_as_root}; use comlexr::cmd; use log::{debug, error, trace, warn}; use nix::{ @@ -122,17 +122,17 @@ where debug!("Killing container {id}"); let status = cmd!( - if cid.requires_sudo { + if cid.requires_sudo && !running_as_root() { "sudo".to_string() } else { cid.container_runtime.to_string() }, - if cid.requires_sudo && has_env_var(SUDO_ASKPASS) => [ + if cid.requires_sudo && !running_as_root() && has_env_var(SUDO_ASKPASS) => [ "-A", "-p", format!("Password needed to kill container {id}"), ], - if cid.requires_sudo => cid.container_runtime.to_string(), + if cid.requires_sudo && !running_as_root() => cid.container_runtime.to_string(), "stop", id ) diff --git a/src/commands/generate_iso.rs b/src/commands/generate_iso.rs index 76998d3..5201a7b 100644 --- a/src/commands/generate_iso.rs +++ b/src/commands/generate_iso.rs @@ -12,7 +12,7 @@ use oci_distribution::Reference; use tempfile::TempDir; use blue_build_process_management::{ - drivers::{opts::RunOpts, types::RunDriverType, Driver, DriverArgs, RunDriver}, + drivers::{opts::RunOpts, Driver, DriverArgs, RunDriver}, run_volumes, }; @@ -127,12 +127,6 @@ impl BlueBuildCommand for GenerateIsoCommand { fn try_run(&mut self) -> Result<()> { Driver::init(self.drivers); - if !nix::unistd::Uid::effective().is_root() - && matches!(Driver::get_run_driver(), RunDriverType::Podman) - { - bail!("You must be root to build an ISO!"); - } - let image_out_dir = if let Some(ref dir) = self.tempdir { TempDir::new_in(dir).into_diagnostic()? } else { diff --git a/src/commands/switch.rs b/src/commands/switch.rs index 6818102..2d934f8 100644 --- a/src/commands/switch.rs +++ b/src/commands/switch.rs @@ -14,12 +14,10 @@ use blue_build_utils::{ }; use bon::Builder; use clap::Args; -use colored::Colorize; use comlexr::cmd; use indicatif::ProgressBar; -use log::{debug, trace, warn}; +use log::{debug, trace}; use miette::{bail, IntoDiagnostic, Result}; -use nix::unistd::Uid; use tempfile::TempDir; use crate::{commands::build::BuildCommand, rpm_ostree_status::RpmOstreeStatus}; @@ -91,15 +89,6 @@ impl BlueBuildCommand for SwitchCommand { let temp_file_path = tempdir.path().join(&image_file_name); let archive_path = Path::new(LOCAL_BUILD).join(&image_file_name); - if !Uid::effective().is_root() { - warn!( - "{notice}: {} {sudo} {}", - "The next few steps will require".yellow(), - "You may have to supply your password".yellow(), - notice = "NOTICE".bright_red().bold(), - sudo = "`sudo`.".italic().bright_red().bold(), - ); - } Self::clean_local_build_dir()?; Self::move_archive(&temp_file_path, &archive_path)?; @@ -171,12 +160,12 @@ impl SwitchCommand { } else { "sudo" }, - if running_as_root() && has_env_var(SUDO_ASKPASS) => [ + if !running_as_root() && has_env_var(SUDO_ASKPASS) => [ "-A", "-p", format!("Password needed to move {from:?} to {to:?}"), ], - if running_as_root() => "mv", + if !running_as_root() => "mv", from, to, ); @@ -207,7 +196,6 @@ impl SwitchCommand { if local_build_path.exists() { debug!("Cleaning out build dir {LOCAL_BUILD}"); - trace!("sudo ls {LOCAL_BUILD}"); let mut command = { let c = cmd!( if running_as_root() { @@ -215,12 +203,12 @@ impl SwitchCommand { } else { "sudo" }, - if running_as_root() && has_env_var(SUDO_ASKPASS) => [ + if !running_as_root() && has_env_var(SUDO_ASKPASS) => [ "-A", "-p", format!("Password required to list files in {LOCAL_BUILD}"), ], - if running_as_root() => "ls", + if !running_as_root() => "ls", LOCAL_BUILD ); trace!("{c:?}"); @@ -249,12 +237,12 @@ impl SwitchCommand { } else { "sudo" }, - if running_as_root() && has_env_var(SUDO_ASKPASS) => [ + if !running_as_root() && has_env_var(SUDO_ASKPASS) => [ "-A", "-p", format!("Password required to remove files: {files:?}"), ], - if running_as_root() => "rm", + if !running_as_root() => "rm", "-f", for files, ); @@ -283,12 +271,12 @@ impl SwitchCommand { } else { "sudo" }, - if running_as_root() && has_env_var(SUDO_ASKPASS) => [ + if !running_as_root() && has_env_var(SUDO_ASKPASS) => [ "-A", "-p", format!("Password needed to create directory {local_build_path:?}"), ], - if running_as_root() => "mkdir", + if !running_as_root() => "mkdir", "-p", local_build_path, );