particle-os/particle-os-cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix some logic errors when checking whether or not we need sudo

Browse source
This commit is contained in:
Gerald Pinder 2025-03-21 12:30:46 -04:00
parent db9bf78c94
commit 67817fe26d
5 changed files with 14 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Cargo.lock generated
View file

@ -410,7 +410,6 @@ dependencies = [
"jsonschema", "jsonschema",
"log", "log",
"miette", "miette",
"nix",
"oci-distribution", "oci-distribution",
"open", "open",
"os_info", "os_info",

1
Cargo.toml
View file

@ -92,7 +92,6 @@ indexmap.workspace = true
indicatif.workspace = true indicatif.workspace = true
log.workspace = true log.workspace = true
miette = { workspace = true, features = ["fancy", "syntect-highlighter"] } miette = { workspace = true, features = ["fancy", "syntect-highlighter"] }
nix = { workspace = true, features = ["user"] }
oci-distribution.workspace = true oci-distribution.workspace = true
reqwest.workspace = true reqwest.workspace = true
semver.workspace = true semver.workspace = true

8
process/signal_handler.rs
View file

@ -6,7 +6,7 @@ use std::{
thread, thread,
}; };
use blue_build_utils::{constants::SUDO_ASKPASS, has_env_var}; use blue_build_utils::{constants::SUDO_ASKPASS, has_env_var, running_as_root};
use comlexr::cmd; use comlexr::cmd;
use log::{debug, error, trace, warn}; use log::{debug, error, trace, warn};
use nix::{ use nix::{
@ -122,17 +122,17 @@ where
debug!("Killing container {id}"); debug!("Killing container {id}");
let status = cmd!( let status = cmd!(
if cid.requires_sudo { if cid.requires_sudo && !running_as_root() {
"sudo".to_string() "sudo".to_string()
} else { } else {
cid.container_runtime.to_string() cid.container_runtime.to_string()
}, },
if cid.requires_sudo && has_env_var(SUDO_ASKPASS) => [ if cid.requires_sudo && !running_as_root() && has_env_var(SUDO_ASKPASS) => [
"-A", "-A",
"-p", "-p",
format!("Password needed to kill container {id}"), format!("Password needed to kill container {id}"),
], ],
if cid.requires_sudo => cid.container_runtime.to_string(), if cid.requires_sudo && !running_as_root() => cid.container_runtime.to_string(),
"stop", "stop",
id id
) )

8
src/commands/generate_iso.rs
View file

@ -12,7 +12,7 @@ use oci_distribution::Reference;
use tempfile::TempDir; use tempfile::TempDir;
use blue_build_process_management::{ use blue_build_process_management::{
drivers::{opts::RunOpts, types::RunDriverType, Driver, DriverArgs, RunDriver}, drivers::{opts::RunOpts, Driver, DriverArgs, RunDriver},
run_volumes, run_volumes,
}; };
@ -127,12 +127,6 @@ impl BlueBuildCommand for GenerateIsoCommand {
fn try_run(&mut self) -> Result<()> { fn try_run(&mut self) -> Result<()> {
Driver::init(self.drivers); Driver::init(self.drivers);
if !nix::unistd::Uid::effective().is_root()
&& matches!(Driver::get_run_driver(), RunDriverType::Podman)
{
bail!("You must be root to build an ISO!");
}
let image_out_dir = if let Some(ref dir) = self.tempdir { let image_out_dir = if let Some(ref dir) = self.tempdir {
TempDir::new_in(dir).into_diagnostic()? TempDir::new_in(dir).into_diagnostic()?
} else { } else {

30
src/commands/switch.rs
View file

@ -14,12 +14,10 @@ use blue_build_utils::{
}; };
use bon::Builder; use bon::Builder;
use clap::Args; use clap::Args;
use colored::Colorize;
use comlexr::cmd; use comlexr::cmd;
use indicatif::ProgressBar; use indicatif::ProgressBar;
use log::{debug, trace, warn}; use log::{debug, trace};
use miette::{bail, IntoDiagnostic, Result}; use miette::{bail, IntoDiagnostic, Result};
use nix::unistd::Uid;
use tempfile::TempDir; use tempfile::TempDir;
use crate::{commands::build::BuildCommand, rpm_ostree_status::RpmOstreeStatus}; use crate::{commands::build::BuildCommand, rpm_ostree_status::RpmOstreeStatus};
@ -91,15 +89,6 @@ impl BlueBuildCommand for SwitchCommand {
let temp_file_path = tempdir.path().join(&image_file_name); let temp_file_path = tempdir.path().join(&image_file_name);
let archive_path = Path::new(LOCAL_BUILD).join(&image_file_name); let archive_path = Path::new(LOCAL_BUILD).join(&image_file_name);
if !Uid::effective().is_root() {
warn!(
"{notice}: {} {sudo} {}",
"The next few steps will require".yellow(),
"You may have to supply your password".yellow(),
notice = "NOTICE".bright_red().bold(),
sudo = "`sudo`.".italic().bright_red().bold(),
);
}
Self::clean_local_build_dir()?; Self::clean_local_build_dir()?;
Self::move_archive(&temp_file_path, &archive_path)?; Self::move_archive(&temp_file_path, &archive_path)?;
@ -171,12 +160,12 @@ impl SwitchCommand {
} else { } else {
"sudo" "sudo"
}, },
if running_as_root() && has_env_var(SUDO_ASKPASS) => [ if !running_as_root() && has_env_var(SUDO_ASKPASS) => [
"-A", "-A",
"-p", "-p",
format!("Password needed to move {from:?} to {to:?}"), format!("Password needed to move {from:?} to {to:?}"),
], ],
if running_as_root() => "mv", if !running_as_root() => "mv",
from, from,
to, to,
); );
@ -207,7 +196,6 @@ impl SwitchCommand {
if local_build_path.exists() { if local_build_path.exists() {
debug!("Cleaning out build dir {LOCAL_BUILD}"); debug!("Cleaning out build dir {LOCAL_BUILD}");
trace!("sudo ls {LOCAL_BUILD}");
let mut command = { let mut command = {
let c = cmd!( let c = cmd!(
if running_as_root() { if running_as_root() {
@ -215,12 +203,12 @@ impl SwitchCommand {
} else { } else {
"sudo" "sudo"
}, },
if running_as_root() && has_env_var(SUDO_ASKPASS) => [ if !running_as_root() && has_env_var(SUDO_ASKPASS) => [
"-A", "-A",
"-p", "-p",
format!("Password required to list files in {LOCAL_BUILD}"), format!("Password required to list files in {LOCAL_BUILD}"),
], ],
if running_as_root() => "ls", if !running_as_root() => "ls",
LOCAL_BUILD LOCAL_BUILD
); );
trace!("{c:?}"); trace!("{c:?}");
@ -249,12 +237,12 @@ impl SwitchCommand {
} else { } else {
"sudo" "sudo"
}, },
if running_as_root() && has_env_var(SUDO_ASKPASS) => [ if !running_as_root() && has_env_var(SUDO_ASKPASS) => [
"-A", "-A",
"-p", "-p",
format!("Password required to remove files: {files:?}"), format!("Password required to remove files: {files:?}"),
], ],
if running_as_root() => "rm", if !running_as_root() => "rm",
"-f", "-f",
for files, for files,
); );
@ -283,12 +271,12 @@ impl SwitchCommand {
} else { } else {
"sudo" "sudo"
}, },
if running_as_root() && has_env_var(SUDO_ASKPASS) => [ if !running_as_root() && has_env_var(SUDO_ASKPASS) => [
"-A", "-A",
"-p", "-p",
format!("Password needed to create directory {local_build_path:?}"), format!("Password needed to create directory {local_build_path:?}"),
], ],
if running_as_root() => "mkdir", if !running_as_root() => "mkdir",
"-p", "-p",
local_build_path, local_build_path,
); );