Richard W.M. Jones
2017-Oct-11 14:16 UTC
[Libguestfs] [PATCH] p2v: Test for sudo requiring a password first (RHBZ#1500673).
When testing if sudo -n requires a password, we tested for the prompt earlier than testing for the magic sudo message ‘a password is required’. Since the shell will print the prompt just after the sudo message: prompt$ sudo -n virt-v2v --version sudo: a password is required prompt$ the prompt nearly always matched and we missed the magic sudo message. (The exception is in the case where we are running everything on localhost where the sudo message could be read in a single call to read(2) without seeing the prompt immediately afterwards. Even this exception was non-deterministic.) By swapping the priority of the sudo message and prompt we avoid this. Looking at the debug output (enabled by editing common/miniexpect) makes this clearer: DEBUG: writing: sudo -n virt-v2v --version DEBUG: buffer content: sudo: a password is required ESC]0;rjones@hamr:~^G###bphcxtq5### Thanks: Ming Xie. --- p2v/ssh.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/p2v/ssh.c b/p2v/ssh.c index bfeb80661..991888348 100644 --- a/p2v/ssh.c +++ b/p2v/ssh.c @@ -792,8 +792,8 @@ test_connection (struct config *config) switch (mexp_expect (h, (mexp_regexp[]) { { 100, .re = version_re }, - { 101, .re = prompt_re }, - { 102, .re = sudo_password_re }, + { 101, .re = sudo_password_re }, + { 102, .re = prompt_re }, { 0 } }, ovector, ovecsize)) { case 100: /* Got version string. */ @@ -805,15 +805,15 @@ test_connection (struct config *config) #endif break; - case 101: /* Got the prompt. */ - goto end_of_version; - - case 102: + case 101: set_ssh_error ("sudo for user \"%s\" requires a password. Edit /etc/sudoers on the conversion server to ensure the \"NOPASSWD:\" option is set for this user.", config->username); mexp_close (h); return -1; + case 102: /* Got the prompt. */ + goto end_of_version; + case MEXP_EOF: set_ssh_unexpected_eof ("\"virt-v2v --version\" output"); mexp_close (h); -- 2.13.2
Pino Toscano
2017-Oct-11 15:06 UTC
Re: [Libguestfs] [PATCH] p2v: Test for sudo requiring a password first (RHBZ#1500673).
On Wednesday, 11 October 2017 16:16:32 CEST Richard W.M. Jones wrote:> When testing if sudo -n requires a password, we tested for the prompt > earlier than testing for the magic sudo message ‘a password is > required’. > > Since the shell will print the prompt just after the sudo message: > > prompt$ sudo -n virt-v2v --version > sudo: a password is required > prompt$ > > the prompt nearly always matched and we missed the magic sudo message. > (The exception is in the case where we are running everything on > localhost where the sudo message could be read in a single call to > read(2) without seeing the prompt immediately afterwards. Even this > exception was non-deterministic.) > > By swapping the priority of the sudo message and prompt we avoid this. > > Looking at the debug output (enabled by editing common/miniexpect) > makes this clearer: > > DEBUG: writing: sudo -n virt-v2v --version > DEBUG: buffer content: sudo: a password is required > ESC]0;rjones@hamr:~^G###bphcxtq5### > > Thanks: Ming Xie. > ---LGTM. Thanks, -- Pino Toscano
Maybe Matching Threads
- [PATCH] p2v: improve error message for sudo with password
- [PATCH] p2v: require a non-interative sudo (RHBZ#1340809)
- Re: [PATCH] p2v: require a non-interative sudo (RHBZ#1340809)
- [PATCH] p2v: show error dialog if virt-v2v fails (RHBZ#1167601)
- [PATCH] p2v: check results of strndup and sscanf