sysutils/gksu and sysutils/libgksu: Fix gksudo not running command
This fixes an issue where gksudo would successfully authenticate the user, but fail to run the requested command. This was caused by gksudo forking a new PTY, meaning that different TTY was used for the "sudo -v" command and subsequent "sudo -n ..." command. Whilst this used to work, newer versions of sudo used per TTY authentication caching. Patch taken from Arch Linux: https://aur.archlinux.org/packages/libgksu/ Also fixed: - Made Nautilus plugin optional, so gksu can be installed without GNOME - Added license details, pet portlint - Tidied patches: move path fixes into port Makefile
This commit is contained in:
parent
9b65a2f688
commit
1747513894
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=473672
7 changed files with 400 additions and 67 deletions
|
@ -3,25 +3,38 @@
|
|||
|
||||
PORTNAME= gksu
|
||||
PORTVERSION= 2.0.2
|
||||
PORTREVISION= 6
|
||||
PORTREVISION= 7
|
||||
CATEGORIES= sysutils
|
||||
MASTER_SITES= http://people.debian.org/~kov/gksu/
|
||||
|
||||
MAINTAINER= ports@FreeBSD.org
|
||||
COMMENT= Graphical frontend to su
|
||||
|
||||
LIB_DEPENDS= libgksu2.so:sysutils/libgksu \
|
||||
libnautilus-extension.so:x11-fm/nautilus \
|
||||
libgnome-keyring.so:security/libgnome-keyring
|
||||
LICENSE= GPLv2+
|
||||
LICENSE_FILE= ${WRKSRC}/COPYING
|
||||
|
||||
LIB_DEPENDS= libfontconfig.so:x11-fonts/fontconfig \
|
||||
libfreetype.so:print/freetype2 \
|
||||
libgksu2.so:sysutils/libgksu \
|
||||
libgnome-keyring.so:security/libgnome-keyring \
|
||||
libstartup-notification-1.so:x11/startup-notification
|
||||
|
||||
USES= gettext-tools gmake libtool pathfix pkgconfig
|
||||
USE_GNOME= gconf2 gnomeprefix gtk20 intlhack
|
||||
USE_GNOME= cairo gconf2 gdkpixbuf2 gnomeprefix gtk20 intlhack
|
||||
GNU_CONFIGURE= yes
|
||||
USE_LDCONFIG= yes
|
||||
CPPFLAGS+= -I${LOCALBASE}/include
|
||||
LDFLAGS+= -L${LOCALBASE}/lib
|
||||
INSTALL_TARGET= install-strip
|
||||
|
||||
OPTIONS_DEFINE= NAUTILUS
|
||||
OPTIONS_DEFAULT=NAUTILUS
|
||||
OPTIONS_SUB= yes
|
||||
|
||||
NAUTILUS_DESC= Build extension for GNOME file manager
|
||||
NAUTILUS_CONFIGURE_ENABLE= nautilus-extension
|
||||
NAUTILUS_LIB_DEPENDS= libnautilus-extension.so:x11-fm/nautilus
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|glib/gkeyfile.h|glib.h|g' \
|
||||
${WRKSRC}/nautilus-gksu/libnautilus-gksu.c
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
bin/gksu
|
||||
bin/gksudo
|
||||
lib/nautilus/extensions-2.0/libnautilus-gksu.so
|
||||
lib/nautilus/extensions-2.0/libnautilus-gksu.a
|
||||
%%NAUTILUS%%lib/nautilus/extensions-2.0/libnautilus-gksu.so
|
||||
%%NAUTILUS%%lib/nautilus/extensions-2.0/libnautilus-gksu.a
|
||||
man/man1/gksu.1.gz
|
||||
man/man1/gksudo.1.gz
|
||||
share/applications/gksu.desktop
|
||||
|
|
|
@ -3,13 +3,16 @@
|
|||
|
||||
PORTNAME= libgksu
|
||||
PORTVERSION= 2.0.12
|
||||
PORTREVISION= 3
|
||||
PORTREVISION= 4
|
||||
CATEGORIES= sysutils
|
||||
MASTER_SITES= http://people.debian.org/~kov/gksu/
|
||||
|
||||
MAINTAINER= ports@FreeBSD.org
|
||||
COMMENT= Library providing su and sudo functionality
|
||||
|
||||
LICENSE= LGPL20+
|
||||
LICENSE_FILE= ${WRKSRC}/COPYING
|
||||
|
||||
LIB_DEPENDS= libgtop-2.0.so:devel/libgtop \
|
||||
libglade-2.0.so:devel/libglade2 \
|
||||
libgnome-keyring.so:security/libgnome-keyring \
|
||||
|
@ -35,5 +38,15 @@ post-patch:
|
|||
${WRKSRC}/libgksu/Makefile.in
|
||||
@${REINPLACE_CMD} '/^libgksuui1_0_la_LIBADD =/s/$$/ -lX11/' \
|
||||
${WRKSRC}/libgksuui/Makefile.in
|
||||
@${REINPLACE_CMD} -E \
|
||||
-e 's|([" ])/bin/su|\1/usr/bin/su|g' \
|
||||
-e 's|/usr/bin/sudo|${LOCALBASE}/bin/sudo|g' \
|
||||
-e 's|/usr/bin/xauth|${LOCALBASE}/bin/xauth|g' \
|
||||
-e 's|/usr/bin/xgettext|${LOCALBASE}/bin/xgettext|g' \
|
||||
-e 's|/usr/bin/xterm|${LOCALBASE}/bin/xterm|g' \
|
||||
${WRKSRC}/libgksu/gksu-run-helper.c \
|
||||
${WRKSRC}/libgksu/libgksu.c \
|
||||
${WRKSRC}/libgksu/test-gksu.c \
|
||||
${WRKSRC}/po/*.po
|
||||
|
||||
.include <bsd.port.mk>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
--- Makefile.in.o 2011-04-13 15:10:53.221097086 +0000
|
||||
+++ Makefile.in 2011-04-13 15:11:33.181096740 +0000
|
||||
@@ -747,11 +747,11 @@
|
||||
@@ -731,11 +731,11 @@
|
||||
@INTLTOOL_SCHEMAS_RULE@
|
||||
|
||||
@GCONF_SCHEMAS_INSTALL_TRUE@install-data-local:
|
||||
|
|
|
@ -8,14 +8,3 @@
|
|||
fprintf (stderr, "gksu: waiting\n");
|
||||
|
||||
xauth_file = g_strdup_printf ("%s/.Xauthority",
|
||||
@@ -159,8 +160,8 @@
|
||||
/* find out where the xauth binary is located */
|
||||
if (g_file_test ("/usr/bin/xauth", G_FILE_TEST_IS_EXECUTABLE))
|
||||
xauth_bin = "/usr/bin/xauth";
|
||||
- else if (g_file_test ("/usr/X11R6/bin/xauth", G_FILE_TEST_IS_EXECUTABLE))
|
||||
- xauth_bin = "/usr/X11R6/bin/xauth";
|
||||
+ else if (g_file_test ("/usr/local/bin/xauth", G_FILE_TEST_IS_EXECUTABLE))
|
||||
+ xauth_bin = "/usr/local/bin/xauth";
|
||||
else
|
||||
{
|
||||
fprintf (stderr,
|
||||
|
|
|
@ -17,35 +17,6 @@
|
|||
|
||||
#include <glibtop.h>
|
||||
#include <glibtop/procstate.h>
|
||||
@@ -1089,8 +1091,8 @@
|
||||
gchar *xauth = g_new0 (gchar, 256);
|
||||
|
||||
/* find out where the xauth binary is located */
|
||||
- if (g_file_test ("/usr/bin/xauth", G_FILE_TEST_IS_EXECUTABLE))
|
||||
- xauth_bin = "/usr/bin/xauth";
|
||||
+ if (g_file_test ("/usr/local/bin/xauth", G_FILE_TEST_IS_EXECUTABLE))
|
||||
+ xauth_bin = "/usr/local/bin/xauth";
|
||||
else if (g_file_test ("/usr/X11R6/bin/xauth", G_FILE_TEST_IS_EXECUTABLE))
|
||||
xauth_bin = "/usr/X11R6/bin/xauth";
|
||||
else
|
||||
@@ -1976,7 +1978,7 @@
|
||||
gchar **cmd = g_malloc (sizeof(gchar*)*7);
|
||||
|
||||
setsid(); // make us session leader
|
||||
- cmd[i] = g_strdup ("/bin/su"); i++;
|
||||
+ cmd[i] = g_strdup ("/usr/bin/su"); i++;
|
||||
if (context->login_shell)
|
||||
{
|
||||
cmd[i] = g_strdup ("-"); i++;
|
||||
@@ -1998,7 +2000,7 @@
|
||||
if (execv (cmd[0], cmd) == -1)
|
||||
{
|
||||
fprintf (stderr,
|
||||
- "Unable to run /bin/su: %s",
|
||||
+ "Unable to run /usr/bin/su: %s",
|
||||
strerror(errno));
|
||||
}
|
||||
|
||||
@@ -2190,8 +2192,6 @@
|
||||
write (fdpty, line, strlen(line));
|
||||
g_free (line);
|
||||
|
@ -55,21 +26,3 @@
|
|||
bzero (buf, 256);
|
||||
read (fdpty, buf, 255);
|
||||
|
||||
@@ -2503,7 +2503,7 @@
|
||||
if (context->always_ask_password)
|
||||
{
|
||||
gint exit_status;
|
||||
- g_spawn_command_line_sync("/usr/bin/sudo -K", NULL, NULL, &exit_status, NULL);
|
||||
+ g_spawn_command_line_sync("/usr/local/bin/sudo -K", NULL, NULL, &exit_status, NULL);
|
||||
}
|
||||
|
||||
|
||||
@@ -2533,7 +2533,7 @@
|
||||
argcount = 0;
|
||||
|
||||
/* sudo binary */
|
||||
- cmd[argcount] = g_strdup("/usr/bin/sudo");
|
||||
+ cmd[argcount] = g_strdup("/usr/local/bin/sudo");
|
||||
argcount++;
|
||||
|
||||
if (!context->keep_env)
|
||||
|
|
365
sysutils/libgksu/files/patch-revert-forkpty
Normal file
365
sysutils/libgksu/files/patch-revert-forkpty
Normal file
|
@ -0,0 +1,365 @@
|
|||
This patch fixes an issue where gksudo would successfully authenticate
|
||||
the user, but fail to run the requested command. This was caused by
|
||||
gksudo forking a new PTY, meaning that different TTY was used for the
|
||||
"sudo -v" command and subsequent "sudo -n ..." command. Whilst this used
|
||||
to work, newer versions of sudo used per TTY authentication caching.
|
||||
Patch taken from Arch Linux: https://aur.archlinux.org/packages/libgksu/
|
||||
|
||||
--- libgksu/libgksu.c.orig 2009-06-29 13:48:24.000000000 -0400
|
||||
+++ libgksu/libgksu.c 2010-01-12 07:32:10.450657456 -0500
|
||||
@@ -1,7 +1,6 @@
|
||||
/*
|
||||
* Gksu -- a library providing access to su functionality
|
||||
* Copyright (C) 2004-2009 Gustavo Noronha Silva
|
||||
- * Portions Copyright (C) 2009 VMware, Inc.
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU Lesser General Public
|
||||
@@ -56,9 +55,6 @@
|
||||
static void
|
||||
gksu_context_launch_complete (GksuContext *context);
|
||||
|
||||
-static void
|
||||
-read_line (int fd, gchar *buffer, int n);
|
||||
-
|
||||
GType
|
||||
gksu_error_get_type (void)
|
||||
{
|
||||
@@ -2009,8 +2005,6 @@ gksu_su_fuller (GksuContext *context,
|
||||
for (i = 0 ; cmd[i] != NULL ; i++)
|
||||
g_free (cmd[i]);
|
||||
g_free(cmd);
|
||||
-
|
||||
- _exit(1);
|
||||
}
|
||||
else if (pid == -1)
|
||||
{
|
||||
@@ -2125,10 +2119,10 @@ gksu_su_fuller (GksuContext *context,
|
||||
/* drop the \n echoed on password entry if su did request
|
||||
a password */
|
||||
if (password_needed)
|
||||
- read_line (fdpty, buf, 255);
|
||||
+ read (fdpty, buf, 255);
|
||||
if (context->debug)
|
||||
fprintf (stderr, "DEBUG (run:post-after-pass) buf: -%s-\n", buf);
|
||||
- read_line (fdpty, buf, 255);
|
||||
+ read (fdpty, buf, 255);
|
||||
if (context->debug)
|
||||
fprintf (stderr, "DEBUG (run:post-after-pass) buf: -%s-\n", buf);
|
||||
}
|
||||
@@ -2142,9 +2136,7 @@ gksu_su_fuller (GksuContext *context,
|
||||
{
|
||||
int retval = 0;
|
||||
|
||||
- /* Red Hat's su shows the full path to su in its error messages. */
|
||||
- if (!strncmp (buf, "su:", 3) ||
|
||||
- !strncmp (buf, "/bin/su:", 7))
|
||||
+ if (!strncmp (buf, "su", 2))
|
||||
{
|
||||
gchar **strings;
|
||||
|
||||
@@ -2155,11 +2147,7 @@ gksu_su_fuller (GksuContext *context,
|
||||
}
|
||||
|
||||
strings = g_strsplit (buf, ":", 2);
|
||||
-
|
||||
- /* Red Hat and Fedora use 'incorrect password'. */
|
||||
- if (strings[1] &&
|
||||
- (g_str_has_prefix(strings[1], " Authentication failure") ||
|
||||
- g_str_has_prefix(strings[1], " incorrect password")))
|
||||
+ if (strings[1] && !strncmp (strings[1], " Authentication failure", 23))
|
||||
{
|
||||
if (used_gnome_keyring)
|
||||
g_set_error (error, gksu_quark,
|
||||
@@ -2473,12 +2461,6 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
{
|
||||
char **cmd;
|
||||
char buffer[256] = {0};
|
||||
- char *child_stderr = NULL;
|
||||
- /* This command is used to gain a token */
|
||||
- char *const verifycmd[] =
|
||||
- {
|
||||
- "/usr/bin/sudo", "-p", "GNOME_SUDO_PASS", "-v", NULL
|
||||
- };
|
||||
int argcount = 8;
|
||||
int i, j;
|
||||
|
||||
@@ -2489,8 +2471,9 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
|
||||
pid_t pid;
|
||||
int status;
|
||||
- FILE *fdfile = NULL;
|
||||
- int fdpty = -1;
|
||||
+ FILE *infile, *outfile;
|
||||
+ int parent_pipe[2]; /* For talking to the parent */
|
||||
+ int child_pipe[2]; /* For talking to the child */
|
||||
|
||||
context->sudo_mode = TRUE;
|
||||
|
||||
@@ -2565,10 +2548,6 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
cmd[argcount] = g_strdup("-S");
|
||||
argcount++;
|
||||
|
||||
- /* Make sudo noninteractive (we should already have a token) */
|
||||
- cmd[argcount] = g_strdup("-n");
|
||||
- argcount++;
|
||||
-
|
||||
/* Make sudo use next arg as prompt */
|
||||
cmd[argcount] = g_strdup("-p");
|
||||
argcount++;
|
||||
@@ -2647,21 +2626,26 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
fprintf (stderr, "cmd[%d]: %s\n", i, cmd[i]);
|
||||
}
|
||||
|
||||
- pid = forkpty(&fdpty, NULL, NULL, NULL);
|
||||
- if (pid == 0)
|
||||
+ if ((pipe(parent_pipe)) == -1)
|
||||
{
|
||||
- // Child
|
||||
- setsid(); // make us session leader
|
||||
-
|
||||
- execv(verifycmd[0], verifycmd);
|
||||
+ g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
|
||||
+ _("Error creating pipe: %s"),
|
||||
+ strerror(errno));
|
||||
+ sudo_reset_xauth (context, xauth, xauth_env);
|
||||
+ return FALSE;
|
||||
+ }
|
||||
|
||||
- g_set_error (error, gksu_quark, GKSU_ERROR_EXEC,
|
||||
- _("Failed to exec new process: %s"),
|
||||
+ if ((pipe(child_pipe)) == -1)
|
||||
+ {
|
||||
+ g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
|
||||
+ _("Error creating pipe: %s"),
|
||||
strerror(errno));
|
||||
sudo_reset_xauth (context, xauth, xauth_env);
|
||||
return FALSE;
|
||||
}
|
||||
- else if (pid == -1)
|
||||
+
|
||||
+ pid = fork();
|
||||
+ if (pid == -1)
|
||||
{
|
||||
g_set_error (error, gksu_quark, GKSU_ERROR_FORK,
|
||||
_("Failed to fork new process: %s"),
|
||||
@@ -2669,26 +2653,56 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
sudo_reset_xauth (context, xauth, xauth_env);
|
||||
return FALSE;
|
||||
}
|
||||
+ else if (pid == 0)
|
||||
+ {
|
||||
+ // Child
|
||||
+ setsid(); // make us session leader
|
||||
+ close(child_pipe[1]);
|
||||
+ dup2(child_pipe[0], STDIN_FILENO);
|
||||
+ dup2(parent_pipe[1], STDERR_FILENO);
|
||||
|
||||
+ execv(cmd[0], cmd);
|
||||
+
|
||||
+ g_set_error (error, gksu_quark, GKSU_ERROR_EXEC,
|
||||
+ _("Failed to exec new process: %s"),
|
||||
+ strerror(errno));
|
||||
+ sudo_reset_xauth (context, xauth, xauth_env);
|
||||
+ return FALSE;
|
||||
+ }
|
||||
else
|
||||
{
|
||||
gint counter = 0;
|
||||
gchar *cmdline = NULL;
|
||||
- struct termios tio;
|
||||
|
||||
// Parent
|
||||
- fdfile = fdopen(fdpty, "w+");
|
||||
+ close(parent_pipe[1]);
|
||||
|
||||
- /* make sure we notice that ECHO is turned off, if it gets
|
||||
- turned off */
|
||||
- tcgetattr (fdpty, &tio);
|
||||
- for (counter = 0; (tio.c_lflag & ECHO) && counter < 15; counter++)
|
||||
- {
|
||||
- usleep (1000);
|
||||
- tcgetattr (fdpty, &tio);
|
||||
- }
|
||||
+ infile = fdopen(parent_pipe[0], "r");
|
||||
+ if (!infile)
|
||||
+ {
|
||||
+ g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
|
||||
+ _("Error opening pipe: %s"),
|
||||
+ strerror(errno));
|
||||
+ sudo_reset_xauth (context, xauth, xauth_env);
|
||||
+ return FALSE;
|
||||
+ }
|
||||
|
||||
- fcntl (fdpty, F_SETFL, O_NONBLOCK);
|
||||
+ outfile = fdopen(child_pipe[1], "w");
|
||||
+ if (!outfile)
|
||||
+ {
|
||||
+ g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
|
||||
+ _("Error opening pipe: %s"),
|
||||
+ strerror(errno));
|
||||
+ sudo_reset_xauth (context, xauth, xauth_env);
|
||||
+ return FALSE;
|
||||
+ }
|
||||
+
|
||||
+ /*
|
||||
+ we are expecting to receive a GNOME_SUDO_PASS
|
||||
+ if we don't there are two possibilities: an error
|
||||
+ or a password is not needed
|
||||
+ */
|
||||
+ fcntl (parent_pipe[0], F_SETFL, O_NONBLOCK);
|
||||
|
||||
{ /* no matter if we can read, since we're using
|
||||
O_NONBLOCK; this is just to avoid the prompt
|
||||
@@ -2697,11 +2711,11 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
struct timeval tv;
|
||||
|
||||
FD_ZERO(&rfds);
|
||||
- FD_SET(fdpty, &rfds);
|
||||
+ FD_SET(parent_pipe[0], &rfds);
|
||||
tv.tv_sec = 1;
|
||||
tv.tv_usec = 0;
|
||||
|
||||
- select (fdpty + 1, &rfds, NULL, NULL, &tv);
|
||||
+ select (parent_pipe[0] + 1, &rfds, NULL, NULL, &tv);
|
||||
}
|
||||
|
||||
/* Try hard to find the prompt; it may happen that we're
|
||||
@@ -2713,7 +2727,7 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
if (strncmp (buffer, "GNOME_SUDO_PASS", 15) == 0)
|
||||
break;
|
||||
|
||||
- read_line (fdpty, buffer, 256);
|
||||
+ read_line (parent_pipe[0], buffer, 256);
|
||||
|
||||
if (context->debug)
|
||||
fprintf (stderr, "buffer: -%s-\n", buffer);
|
||||
@@ -2747,17 +2761,18 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
|
||||
usleep (1000);
|
||||
|
||||
- write (fdpty, password, strlen(password) + 1);
|
||||
- write (fdpty, "\n", 1);
|
||||
+ fprintf (outfile, "%s\n", password);
|
||||
+ fclose (outfile);
|
||||
|
||||
nullify_password (password);
|
||||
|
||||
- fcntl(fdpty, F_SETFL, fcntl(fdpty, F_GETFL) & ~O_NONBLOCK);
|
||||
+ /* turn NONBLOCK off */
|
||||
+ fcntl(parent_pipe[0], F_SETFL, fcntl(parent_pipe[0], F_GETFL) & ~O_NONBLOCK);
|
||||
/* ignore the first newline that comes right after sudo receives
|
||||
the password */
|
||||
- fgets (buffer, 255, fdfile);
|
||||
- /* this is the status we are interested in */
|
||||
- fgets (buffer, 255, fdfile);
|
||||
+ fgets (buffer, 255, infile);
|
||||
+ /* this is the status we are interessted in */
|
||||
+ fgets (buffer, 255, infile);
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -2766,7 +2781,7 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
fprintf (stderr, "No password prompt found; we'll assume we don't need a password.\n");
|
||||
|
||||
/* turn NONBLOCK off, also if have no prompt */
|
||||
- fcntl(fdpty, F_SETFL, fcntl(fdpty, F_GETFL) & ~O_NONBLOCK);
|
||||
+ fcntl(parent_pipe[0], F_SETFL, fcntl(parent_pipe[0], F_GETFL) & ~O_NONBLOCK);
|
||||
|
||||
should_display = gconf_client_get_bool (context->gconf_client,
|
||||
BASE_PATH "display-no-pass-info", NULL);
|
||||
@@ -2785,9 +2800,14 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
fprintf (stderr, "%s", buffer);
|
||||
}
|
||||
|
||||
- if (g_str_has_prefix (buffer, "Sorry, try again."))
|
||||
+ if (!strcmp (buffer, "Sorry, try again.\n"))
|
||||
g_set_error (error, gksu_quark, GKSU_ERROR_WRONGPASS,
|
||||
_("Wrong password."));
|
||||
+ else if (!strncmp (buffer, "Sorry, user ", 12))
|
||||
+ g_set_error (error, gksu_quark, GKSU_ERROR_NOT_ALLOWED,
|
||||
+ _("The underlying authorization mechanism (sudo) "
|
||||
+ "does not allow you to run this program. Contact "
|
||||
+ "the system administrator."));
|
||||
else
|
||||
{
|
||||
gchar *haystack = buffer;
|
||||
@@ -2805,10 +2825,6 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
}
|
||||
}
|
||||
|
||||
- /* If we have an error, let's just stop sudo right there. */
|
||||
- if (error)
|
||||
- close(fdpty);
|
||||
-
|
||||
cmdline = g_strdup("sudo");
|
||||
/* wait for the child process to end or become something other
|
||||
than sudo */
|
||||
@@ -2825,23 +2841,17 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
if (context->sn_context)
|
||||
gksu_context_launch_complete (context);
|
||||
|
||||
+ while (read (parent_pipe[0], buffer, 255) > 0)
|
||||
+ {
|
||||
+ fprintf (stderr, "%s", buffer);
|
||||
+ bzero(buffer, 256);
|
||||
+ }
|
||||
+
|
||||
/* if the process is still active waitpid() on it */
|
||||
if (pid_exited != pid)
|
||||
waitpid(pid, &status, 0);
|
||||
sudo_reset_xauth (context, xauth, xauth_env);
|
||||
|
||||
- /*
|
||||
- * Did token acquisition succeed? If so, spawn sudo in
|
||||
- * non-interactive mode. It should either succeed or die
|
||||
- * immediately if you're not allowed to run the command.
|
||||
- */
|
||||
- if (WEXITSTATUS(status) == 0)
|
||||
- {
|
||||
- g_spawn_sync(NULL, cmd, NULL, 0, NULL, NULL,
|
||||
- NULL, &child_stderr, &status,
|
||||
- error);
|
||||
- }
|
||||
-
|
||||
if (exit_status)
|
||||
{
|
||||
if (WIFEXITED(status)) {
|
||||
@@ -2853,13 +2863,6 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
|
||||
if (WEXITSTATUS(status))
|
||||
{
|
||||
- if (g_str_has_prefix(child_stderr, "Sorry, user "))
|
||||
- {
|
||||
- g_set_error (error, gksu_quark, GKSU_ERROR_NOT_ALLOWED,
|
||||
- _("The underlying authorization mechanism (sudo) "
|
||||
- "does not allow you to run this program. Contact "
|
||||
- "the system administrator."));
|
||||
- }
|
||||
if(cmdline)
|
||||
{
|
||||
/* sudo already exec()ed something else, don't report
|
||||
@@ -2868,7 +2871,6 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
if (!g_str_has_suffix (cmdline, "sudo"))
|
||||
{
|
||||
g_free (cmdline);
|
||||
- g_free (child_stderr);
|
||||
return FALSE;
|
||||
}
|
||||
g_free (cmdline);
|
||||
@@ -2881,11 +2883,11 @@ gksu_sudo_fuller (GksuContext *context,
|
||||
}
|
||||
}
|
||||
|
||||
- fprintf(stderr, child_stderr);
|
||||
- g_free(child_stderr);
|
||||
-
|
||||
/* if error is set we have found an error condition */
|
||||
- return (error == NULL);
|
||||
+ if (error)
|
||||
+ return FALSE;
|
||||
+
|
||||
+ return TRUE;
|
||||
}
|
||||
|
||||
/**
|
Loading…
Reference in a new issue