UTAH

Merge lp://staging/~nuclearbob/utah/bug1073617 into lp://staging/utah

  1. bug1073617
  2. Merge into dev
Proposed by Max Brustkern
Status: Work in progress
Proposed branch: lp://staging/~nuclearbob/utah/bug1073617
Merge into: lp://staging/utah
Diff against target: 48 lines (+18/-4)
2 files modified
utah/client/common.py (+4/-4)
utah/client/tests/test_common.py (+14/-0)
To merge this branch: bzr merge lp://staging/~nuclearbob/utah/bug1073617
Reviewer Review Type Date Requested Status
Max Brustkern (community) Needs Fixing
Javier Collado (community) Needs Fixing
Joe Talbott (community) Needs Information
Review via email: mp+135239@code.staging.launchpad.net

Description of the change

This branch adds -i to the sudo command used to execute commands using run_as. This preserves the environment of the intended user.

A test for this environment preservation is also added, and an existing test that was broken by this change is updated to work.

To post a comment you must log in.
Revision history for this message
Max Brustkern (nuclearbob) wrote :

This is intended to fix this:
https://bugs.launchpad.net/utah/+bug/1073617

Reply
Revision history for this message
Joe Talbott (joetalbott) wrote :

Your fix for the existing test reveals a problem. I think -i will only work for users with a valid shell. We will either need to fallback to non -i if the user doesn't have a valid shell or explicitly forbid using non-shell users with 'run_as'.

review: Needs Information
Reply
Revision history for this message
Joe Talbott (joetalbott) wrote :

"sudo su - nobody -c 'ls'" might be another alternative that doesn't require a valid shell.

Reply
lp://staging/~nuclearbob/utah/bug1073617 updated
757. By Max Brustkern

Merged latest changes from dev branch

758. By Max Brustkern

Changed manner of privilege switching so all tests pass, including the old test reverted back to the nobody user

Revision history for this message
Max Brustkern (nuclearbob) wrote :

I've implemented that solution and it seems to test okay.

review: Needs Resubmitting
Reply
Revision history for this message
Javier Collado (javier.collado) wrote :

When running the test cases, I get a couple of errors that I don't get when
running the test cases from trunk. The affected test cases are:
- test_load_state_partial
- test_load_state_partial_run_all

Joe, by the way, since there are a few test cases with the same docstring, it
isn't straightforward to figure out the method for the test case that failed.

Aside from that, please escape curly braces doubling them. For example, instead
of this:
cmd_wrapper = "sudo su - {} -c '{}'".format(run_as, '{}')

use this:
cmd_wrapper = "sudo su - {} -c '{{}}'".format(run_as)

review: Needs Fixing
Reply
lp://staging/~nuclearbob/utah/bug1073617 updated
759. By Max Brustkern

Fixed formatting per Javier's suggestion

Revision history for this message
Max Brustkern (nuclearbob) wrote :

I fixed the formatting. The problem with the test cases is that when we switch to the user nobody, we're losing the directory we're currently in, so commands that are supposed to run relative to that directory are failing. I'm not sure of the best way to get around that. I tried prepending a cd to the cwd passed into run_cmd, but that doesn't seem to be helping.

review: Needs Fixing
Reply

Unmerged revisions

759. By Max Brustkern

Fixed formatting per Javier's suggestion

758. By Max Brustkern

Changed manner of privilege switching so all tests pass, including the old test reverted back to the nobody user

757. By Max Brustkern

Merged latest changes from dev branch

756. By Max Brustkern

Added test for run_as environment and updated existing test to work with environment setting

755. By Max Brustkern

Added -i option to sudo to get user's environment

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches