summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-05-18 19:13:34 +0200
committerChristian Poessinger <christian@poessinger.com>2021-05-18 21:30:44 +0200
commit432e5048db19ddf5a7505866421f77bb01635d08 (patch)
tree93c29638f3cbe8a808a1895950191c307719df73
parent6816d37501aa495d71a441a8e391a1249c4d13f6 (diff)
downloadvyos-1x-432e5048db19ddf5a7505866421f77bb01635d08.tar.gz
vyos-1x-432e5048db19ddf5a7505866421f77bb01635d08.zip
revert: "util: T2467: add autosudo as an option to command"
Implementing a wrapper which will - based on the command - add a sudo prefix to the execution string seemed to be a nice idea but unfortunately it did not only not get momentum but also the codebase somethis added an implicit "sudo" call a second time. This resulted in a call: "sudo sudo systemctl" The entire functionality was removed again and if an op-mode script requires root priviledges it must be explicitly called with them - no black magic. (cherry picked from commit b76931e6d3a4bd0cdb74ca447a746ab6855fcf55)
-rw-r--r--op-mode-definitions/flow-accounting-op.xml.in2
-rw-r--r--op-mode-definitions/generate-ssh-server-key.xml.in24
-rw-r--r--python/vyos/util.py34
3 files changed, 29 insertions, 31 deletions
diff --git a/op-mode-definitions/flow-accounting-op.xml.in b/op-mode-definitions/flow-accounting-op.xml.in
index b847338f9..7aaae5974 100644
--- a/op-mode-definitions/flow-accounting-op.xml.in
+++ b/op-mode-definitions/flow-accounting-op.xml.in
@@ -57,7 +57,7 @@
<properties>
<help>Restart (net)flow accounting process</help>
</properties>
- <command>${vyos_op_scripts_dir}/flow_accounting_op.py --action restart</command>
+ <command>sudo ${vyos_op_scripts_dir}/flow_accounting_op.py --action restart</command>
</leafNode>
</children>
</node>
diff --git a/op-mode-definitions/generate-ssh-server-key.xml.in b/op-mode-definitions/generate-ssh-server-key.xml.in
index a6ebf1b78..ecea3e5d1 100644
--- a/op-mode-definitions/generate-ssh-server-key.xml.in
+++ b/op-mode-definitions/generate-ssh-server-key.xml.in
@@ -2,14 +2,30 @@
<interfaceDefinition>
<node name="generate">
<properties>
- <help>Generate an object</help>
+ <help>Generate an object/key</help>
</properties>
<children>
- <node name="ssh-server-key">
+ <node name="ssh">
<properties>
- <help>Regenerate the host SSH keys and restart the SSH server</help>
+ <help>Generate SSH related keypairs</help>
</properties>
- <command>${vyos_op_scripts_dir}/generate_ssh_server_key.py</command>
+ <children>
+ <node name="server-key">
+ <properties>
+ <help>Re-generate SSH host keys and restart SSH server</help>
+ </properties>
+ <command>sudo ${vyos_op_scripts_dir}/generate_ssh_server_key.py</command>
+ </node>
+ <tagNode name="client-key">
+ <properties>
+ <help>Re-generate SSH client keypair</help>
+ <completionHelp>
+ <list>&lt;filename&gt;</list>
+ </completionHelp>
+ </properties>
+ <command>ssh-keygen -t rsa -f "$4" -N ""</command>
+ </tagNode>
+ </children>
</node>
</children>
</node>
diff --git a/python/vyos/util.py b/python/vyos/util.py
index 13d0f03be..f9b10c57f 100644
--- a/python/vyos/util.py
+++ b/python/vyos/util.py
@@ -1,4 +1,4 @@
-# Copyright 2020 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2020-2021 VyOS maintainers and contributors <maintainers@vyos.io>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -22,25 +22,13 @@ import sys
# where it is used so it is as local as possible to the execution
#
-
-def _need_sudo(command):
- return os.path.basename(command.split()[0]) in ('systemctl', )
-
-
-def _add_sudo(command):
- if _need_sudo(command):
- return 'sudo ' + command
- return command
-
-
from subprocess import Popen
from subprocess import PIPE
from subprocess import STDOUT
from subprocess import DEVNULL
-
def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
- stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True):
+ stdout=PIPE, stderr=PIPE, decode='utf-8'):
"""
popen is a wrapper helper aound subprocess.Popen
with it default setting it will return a tuple (out, err)
@@ -79,9 +67,6 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
if not debug.enabled(flag):
flag = 'command'
- if autosudo:
- command = _add_sudo(command)
-
cmd_msg = f"cmd '{command}'"
debug.message(cmd_msg, flag)
@@ -98,11 +83,8 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
stdin = PIPE
input = input.encode() if type(input) is str else input
- p = Popen(
- command,
- stdin=stdin, stdout=stdout, stderr=stderr,
- env=env, shell=use_shell,
- )
+ p = Popen(command, stdin=stdin, stdout=stdout, stderr=stderr,
+ env=env, shell=use_shell)
pipe = p.communicate(input, timeout)
@@ -135,7 +117,7 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
def run(command, flag='', shell=None, input=None, timeout=None, env=None,
- stdout=DEVNULL, stderr=PIPE, decode='utf-8', autosudo=True):
+ stdout=DEVNULL, stderr=PIPE, decode='utf-8'):
"""
A wrapper around popen, which discard the stdout and
will return the error code of a command
@@ -151,8 +133,8 @@ def run(command, flag='', shell=None, input=None, timeout=None, env=None,
def cmd(command, flag='', shell=None, input=None, timeout=None, env=None,
- stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True,
- raising=None, message='', expect=[0]):
+ stdout=PIPE, stderr=PIPE, decode='utf-8', raising=None, message='',
+ expect=[0]):
"""
A wrapper around popen, which returns the stdout and
will raise the error code of a command
@@ -183,7 +165,7 @@ def cmd(command, flag='', shell=None, input=None, timeout=None, env=None,
def call(command, flag='', shell=None, input=None, timeout=None, env=None,
- stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True):
+ stdout=PIPE, stderr=PIPE, decode='utf-8'):
"""
A wrapper around popen, which print the stdout and
will return the error code of a command