-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement --owner
and --perms
#689
Conversation
Codecov ReportPatch coverage has no change and project coverage change:
Additional details and impacted files@@ Coverage Diff @@
## main #689 +/- ##
==========================================
- Coverage 57.66% 57.48% -0.19%
==========================================
Files 68 69 +1
Lines 8960 8985 +25
==========================================
- Hits 5167 5165 -2
- Misses 3793 3820 +27
☔ View full report in Codecov by Sentry. |
Number of dependencies and binary size impact report
Dependencies diff └─ sudo-rs [v0.2.0-dev.20230711]
├─ glob [v0.3.1]
├─ libc [v0.2.147]
└─ log [v0.4.19] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
left some comments but otherwise LGTM
if perms || file_arg.is_none() { | ||
sudoers_file.set_permissions(Permissions::from_mode(0o440))?; | ||
} | ||
let result: io::Result<()> = (|| { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as an alternative to this closure that gets called immediately ("pseudo try-block"), I think you could create a newtype over a locked file that releases the lock when it's dropped. so long we don't call exit
from here that should release the lock even when an error occurs.
that being said, according to the glibc manual, the locks associated to a file are released when the file is closed and I think that should happen even if the process call exit
because the OS should release all the resources associated to the process.
Describe the changes done on this pull request
This PR adds the required logic to implement the
--owner/-O
and--perms/-P
flags forvisudo
.Pull Request Checklist
visudo
#657 where a proper discussion about a solution has taken place.