mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-22 14:52:41 +01:00
Detect goofy sudo -n
output under OSX
Summary: See rP2fedb6f941d8. We might need a more general version of this since we do some `sudo` stuff elsewhere, but at least on my machine `sudo -n` exits with code 0 when the target user exists but needs a password. Test Plan: - Tried to run daemons as root, with no automatic sudo to root. Got a bad result before (phd believed it had executed the daemons) and a good result afterward (phd recognized that sudo failed). - Tried to run daemons from root, as a non-root user. Got a good result in both cases. Reviewers: btrahan Reviewed By: btrahan Subscribers: fabe, epriestley Differential Revision: https://secure.phabricator.com/D11041
This commit is contained in:
parent
f35a38b086
commit
b3394c53d8
1 changed files with 17 additions and 2 deletions
|
@ -221,7 +221,7 @@ abstract class PhabricatorDaemonManagementWorkflow
|
|||
$command,
|
||||
$daemon_script_dir,
|
||||
$this->runDaemonsAsUser);
|
||||
} catch (CommandException $e) {
|
||||
} catch (Exception $e) {
|
||||
// Retry without sudo
|
||||
$console->writeOut(pht(
|
||||
"sudo command failed. Starting daemon as current user\n"));
|
||||
|
@ -237,6 +237,7 @@ abstract class PhabricatorDaemonManagementWorkflow
|
|||
$daemon_script_dir,
|
||||
$run_as_user = null) {
|
||||
|
||||
$is_sudo = false;
|
||||
if ($run_as_user) {
|
||||
// If anything else besides sudo should be
|
||||
// supported then insert it here (runuser, su, ...)
|
||||
|
@ -244,11 +245,25 @@ abstract class PhabricatorDaemonManagementWorkflow
|
|||
'sudo -En -u %s -- %C',
|
||||
$run_as_user,
|
||||
$command);
|
||||
$is_sudo = true;
|
||||
}
|
||||
$future = new ExecFuture('exec %C', $command);
|
||||
// Play games to keep 'ps' looking reasonable.
|
||||
$future->setCWD($daemon_script_dir);
|
||||
$future->resolvex();
|
||||
list($stdout, $stderr) = $future->resolvex();
|
||||
|
||||
if ($is_sudo) {
|
||||
// On OSX, `sudo -n` exits 0 when the user does not have permission to
|
||||
// switch accounts without a password. This is not consistent with
|
||||
// sudo on Linux, and seems buggy/broken. Check for this by string
|
||||
// matching the output.
|
||||
if (preg_match('/sudo: a password is required/', $stderr)) {
|
||||
throw new Exception(
|
||||
pht(
|
||||
'sudo exited with a zero exit code, but emitted output '.
|
||||
'consistent with failure under OSX.'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public static function ignoreSignal($signo) {
|
||||
|
|
Loading…
Reference in a new issue