diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-05-18 19:13:34 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-05-18 21:30:44 +0200 |
commit | 432e5048db19ddf5a7505866421f77bb01635d08 (patch) | |
tree | 93c29638f3cbe8a808a1895950191c307719df73 | |
parent | 6816d37501aa495d71a441a8e391a1249c4d13f6 (diff) | |
download | vyos-1x-432e5048db19ddf5a7505866421f77bb01635d08.tar.gz vyos-1x-432e5048db19ddf5a7505866421f77bb01635d08.zip |
revert: "util: T2467: add autosudo as an option to command"
Implementing a wrapper which will - based on the command - add a sudo prefix
to the execution string seemed to be a nice idea but unfortunately it did not
only not get momentum but also the codebase somethis added an implicit "sudo"
call a second time.
This resulted in a call: "sudo sudo systemctl"
The entire functionality was removed again and if an op-mode script requires
root priviledges it must be explicitly called with them - no black magic.
(cherry picked from commit b76931e6d3a4bd0cdb74ca447a746ab6855fcf55)
-rw-r--r-- | op-mode-definitions/flow-accounting-op.xml.in | 2 | ||||
-rw-r--r-- | op-mode-definitions/generate-ssh-server-key.xml.in | 24 | ||||
-rw-r--r-- | python/vyos/util.py | 34 |
3 files changed, 29 insertions, 31 deletions
diff --git a/op-mode-definitions/flow-accounting-op.xml.in b/op-mode-definitions/flow-accounting-op.xml.in index b847338f9..7aaae5974 100644 --- a/op-mode-definitions/flow-accounting-op.xml.in +++ b/op-mode-definitions/flow-accounting-op.xml.in @@ -57,7 +57,7 @@ <properties> <help>Restart (net)flow accounting process</help> </properties> - <command>${vyos_op_scripts_dir}/flow_accounting_op.py --action restart</command> + <command>sudo ${vyos_op_scripts_dir}/flow_accounting_op.py --action restart</command> </leafNode> </children> </node> diff --git a/op-mode-definitions/generate-ssh-server-key.xml.in b/op-mode-definitions/generate-ssh-server-key.xml.in index a6ebf1b78..ecea3e5d1 100644 --- a/op-mode-definitions/generate-ssh-server-key.xml.in +++ b/op-mode-definitions/generate-ssh-server-key.xml.in @@ -2,14 +2,30 @@ <interfaceDefinition> <node name="generate"> <properties> - <help>Generate an object</help> + <help>Generate an object/key</help> </properties> <children> - <node name="ssh-server-key"> + <node name="ssh"> <properties> - <help>Regenerate the host SSH keys and restart the SSH server</help> + <help>Generate SSH related keypairs</help> </properties> - <command>${vyos_op_scripts_dir}/generate_ssh_server_key.py</command> + <children> + <node name="server-key"> + <properties> + <help>Re-generate SSH host keys and restart SSH server</help> + </properties> + <command>sudo ${vyos_op_scripts_dir}/generate_ssh_server_key.py</command> + </node> + <tagNode name="client-key"> + <properties> + <help>Re-generate SSH client keypair</help> + <completionHelp> + <list><filename></list> + </completionHelp> + </properties> + <command>ssh-keygen -t rsa -f "$4" -N ""</command> + </tagNode> + </children> </node> </children> </node> diff --git a/python/vyos/util.py b/python/vyos/util.py index 13d0f03be..f9b10c57f 100644 --- a/python/vyos/util.py +++ b/python/vyos/util.py @@ -1,4 +1,4 @@ -# Copyright 2020 VyOS maintainers and contributors <maintainers@vyos.io> +# Copyright 2020-2021 VyOS maintainers and contributors <maintainers@vyos.io> # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public @@ -22,25 +22,13 @@ import sys # where it is used so it is as local as possible to the execution # - -def _need_sudo(command): - return os.path.basename(command.split()[0]) in ('systemctl', ) - - -def _add_sudo(command): - if _need_sudo(command): - return 'sudo ' + command - return command - - from subprocess import Popen from subprocess import PIPE from subprocess import STDOUT from subprocess import DEVNULL - def popen(command, flag='', shell=None, input=None, timeout=None, env=None, - stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True): + stdout=PIPE, stderr=PIPE, decode='utf-8'): """ popen is a wrapper helper aound subprocess.Popen with it default setting it will return a tuple (out, err) @@ -79,9 +67,6 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None, if not debug.enabled(flag): flag = 'command' - if autosudo: - command = _add_sudo(command) - cmd_msg = f"cmd '{command}'" debug.message(cmd_msg, flag) @@ -98,11 +83,8 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None, stdin = PIPE input = input.encode() if type(input) is str else input - p = Popen( - command, - stdin=stdin, stdout=stdout, stderr=stderr, - env=env, shell=use_shell, - ) + p = Popen(command, stdin=stdin, stdout=stdout, stderr=stderr, + env=env, shell=use_shell) pipe = p.communicate(input, timeout) @@ -135,7 +117,7 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None, def run(command, flag='', shell=None, input=None, timeout=None, env=None, - stdout=DEVNULL, stderr=PIPE, decode='utf-8', autosudo=True): + stdout=DEVNULL, stderr=PIPE, decode='utf-8'): """ A wrapper around popen, which discard the stdout and will return the error code of a command @@ -151,8 +133,8 @@ def run(command, flag='', shell=None, input=None, timeout=None, env=None, def cmd(command, flag='', shell=None, input=None, timeout=None, env=None, - stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True, - raising=None, message='', expect=[0]): + stdout=PIPE, stderr=PIPE, decode='utf-8', raising=None, message='', + expect=[0]): """ A wrapper around popen, which returns the stdout and will raise the error code of a command @@ -183,7 +165,7 @@ def cmd(command, flag='', shell=None, input=None, timeout=None, env=None, def call(command, flag='', shell=None, input=None, timeout=None, env=None, - stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True): + stdout=PIPE, stderr=PIPE, decode='utf-8'): """ A wrapper around popen, which print the stdout and will return the error code of a command |